GRC Lead

6 days ago


Charlotte, United States MorganFranklin Consulting Full time
Why Work Here?

MorganFranklin Consulting is a management advisory firm that works with leading businesses and government to address complex and transformational finance, technology, Cybersecurity, and business objectives.

MorganFranklin's Cybersecurity practice helps clients across the globe to solve their most critical Cybersecurity needs. From consulting and implementation to managed services and project resourcing, we work to safeguard assets by identifying risks, developing and maturing Cybersecurity programs, and implementing solutions that support and meet business goals. Custom-tailored and business-aligned service offerings include:
  • Strategy and GRC
  • Cybersecurity Operations
  • Identity & Access Management
  • Incident Response & Risk Intelligence
  • Application Security
  • Managed Security Services Provider

Position Overview:
We are seeking an experienced Governance, Risk, and Compliance (GRC) Lead to join our consulting team. This role focuses on providing strategic guidance and implementation support to clients in aligning with cybersecurity and privacy frameworks and regulations. The GRC Lead will lead client engagements, manage diverse project teams, and serve as a trusted advisor to clients across industries, while fostering effective communication with internal stakeholders and external leadership.

Key Responsibilities:
Client Engagement & Delivery:
  • Partner with clients to assess and enhance their compliance programs, with a strong focus on adhering to industry standards and best practices for risk management, data privacy, and cybersecurity (e.g. HIPAA, GDPR, CMMC, ISO, NIST).
  • Develop and deliver customized policies, procedures, and risk management plans tailored to client needs and regulatory requirements.
  • Lead team members in compliance audits, risk assessments, and gap analyses, providing actionable recommendations to address identified issues.
  • Lead Data Governance activities (e.g. discovery/mapping) and Data Privacy activities (e.g. PIA, DPIA).
  • Ensure timely and successful delivery of GRC consulting projects, meeting client expectations and maintaining high satisfaction.


Leadership & Team Management:
  • Build, manage, and mentor a diverse, high-performing team of consultants specializing in compliance, risk management, and cybersecurity.
  • Foster an inclusive and collaborative team environment that values diverse perspectives and skills.
  • Assign roles and responsibilities, provide guidance, and conduct performance evaluations to support team development and project success.

Advisory Services:
  • Act as a subject matter expert (SME) for clients on NIST standards, Privacy regulations, CMMC, HIPAA compliance, and other related regulatory frameworks.
  • Provide thought leadership on emerging GRC trends, industry best practices, and regulatory changes that impact clients.
  • Develop long-term client relationships and identify opportunities for additional consulting services.

Communication & Collaboration:
  • Serve as the primary point of contact for internal stakeholders and client leadership teams, providing regular updates on project progress and key findings.
  • Build and maintain strong relationships with external stakeholders, including auditors, regulators, and industry partners.
  • Prepare and deliver polished presentations, reports, and recommendations to C-suite executives and other decision-makers.

Business Development:
  • Support organizational growth by identifying new business opportunities and assisting in the preparation of proposals and RFP responses.
  • Represent the company at industry conferences, webinars, and other networking events to showcase expertise in GRC.

Technology & Tools:
  • Utilize GRC platforms and risk management tools to streamline client projects and ensure accurate reporting.
  • Advise clients on selecting and implementing technologies that align with their compliance and security objectives.

Education & Certifications:
  • Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or equivalent experience. A master's degree is preferred.
  • Hold at least one (1) Cybersecurity certification such as CISSP, CISA, CISM, or CRISC.
  • Additional industry- or domain-specific certifications such as CIPP/CIPM, CHPC (Certified in Healthcare Privacy Compliance) or CCA (CMMC Certified Assessor) are also preferred.

Experience:
  • 10+ years of experience focused on GRC, compliance, or information security.
  • Proven expertise in applying HIPAA, CMMC, NERC CIP, GDPR, NIST CSF, NIST 800-53, ISO 27001 and other related frameworks in client environments.
  • Strong background in compliance and risk management, including experience driving efficiencies in such programs with tools and automation.
  • Demonstrated experience leading and managing diverse teams across multiple projects.
  • Proven ability to communicate effectively with internal stakeholders, C-suite executives, and external leadership.

Skills:
  • Exceptional interpersonal and communication skills, with the ability to engage effectively with diverse stakeholders at all organizational levels.
  • Strong critical thinking, analytical and problem-solving abilities, with a focus on delivering actionable insights to clients.
  • Proficiency in GRC tools and platforms and familiarity with industry-specific compliance technologies.
  • Knowledge of emerging cybersecurity trends, including AI risk management, privacy-enhancing technologies, and third-party risk management.

