Cybersecurity GRC Program Manager - 3585384

Lighthouse Technology Services is partnering with our client to fill their Cybersecurity GRC Program Manager position! This is a 6+ month contract opportunity and will be hybrid onsite in Buffalo, NY. This role will be a W2 employee of Lighthouse Technology Services.

Position Overview:

• Lead and deliver key United States cybersecurity regulatory governance and reporting obligations
• Ensure compliance with applicable cybersecurity regulations and effective cyber risk management
• Own end-to-end execution of time-bound regulatory programs and submissions
• Produce regulator-ready and Board-ready artifacts
• Maintain repeatable, auditable governance and reporting processes
• Provide oversight and challenge of cybersecurity risk profile, metrics, and control effectiveness
• Drive remediation follow-up for non-compliance or risk appetite breaches
• Partner with cybersecurity, technology, risk, compliance, and control teams (including non-US stakeholders)
• Support the Americas Cybersecurity GRC Lead and US CISO in regulatory governance activities

What You'll Be Doing:

• Lead and deliver key United States cybersecurity regulatory governance and reporting obligations
• Ensure compliance with applicable cybersecurity regulations and effective cyber risk management
• Own end-to-end execution of time-bound regulatory programs and submissions
• Produce regulator-ready and Board-ready artifacts
• Maintain repeatable, auditable governance and reporting processes
• Provide oversight and challenge of cybersecurity risk profile, metrics, and control effectiveness
• Drive remediation follow-up for non-compliance or risk appetite breaches
• Partner with cybersecurity, technology, risk, compliance, and control teams (including non-US stakeholders)
• Support the Americas Cybersecurity GRC Lead and US CISO in regulatory governance activities

Key Responsibilities

• Lead delivery of mandatory U.S. cybersecurity regulatory programs and submissions, ensuring planning, execution, and submission readiness
• Coordinate and produce annual Board-level reporting under GLBA, ensuring consistency and quality
• Support regulatory exams and engagements by coordinating responses and gathering evidence
• Develop and maintain auditable processes, including templates, procedures, and evidence repositories
• Produce clear, concise reporting for senior leadership, Board of Directors, and regulators
• Analyze cybersecurity risk and control metrics (KPI/KRI/KCI) and identify data discrepancies
• Drive root-cause analysis and track remediation actions through to closure
• Prepare governance materials for recurring regulatory forums, including meeting packs and action tracking
• Support NYDFS cybersecurity attestation processes and leadership briefings
• Oversee remediation of cybersecurity control gaps and track progress with control owners
• Provide governance oversight for cyber service sustainability and escalate risks where needed
• Represent U.S. cybersecurity in governance forums and drive issue resolution
• Coordinate cross-functional stakeholders to meet fixed regulatory deadlines
• Respond to ad hoc regulatory requests with timely, accurate deliverables

Required Skills & Experience

• Strong understanding of cybersecurity domains (Security Operations, engineering, controls, tooling)
• Deep knowledge of IT governance, risk management, and compliance (GRC)
• Proven experience supporting cybersecurity regulatory compliance and examinations
• Demonstrated program management experience with end-to-end ownership of regulatory deliverables
• Ability to build repeatable, auditable operating models and documentation
• Experience analyzing risk and control metrics and driving remediation outcomes
• Strong stakeholder management across cross-functional and global teams
• Excellent written and verbal communication skills for executive and regulatory audiences
• Ability to translate technical concepts into clear, business-friendly messaging
• Strong prioritization and ability to manage competing deadlines
• Proficiency in Microsoft Office tools (Excel, PowerPoint, Word, SharePoint, Power BI, Teams) and collaboration tools (e.g., Confluence)
• High attention to detail with a continuous improvement mindset

Qualifications

• Bachelor’s degree in IT, Risk, or related discipline (or equivalent experience)
• Industry certifications preferred (e.g., CISSP, CISA, CISM)
• Strong program management experience in regulatory or compliance-driven environments
• Experience with U.S. financial services regulatory bodies (e.g., OCC, FRB) preferred
• Knowledge of U.S. cybersecurity and financial regulatory requirements required
• Advanced Excel skills and ability to analyze large datasets
• Understanding of banking and cybersecurity industry trends
• Strong communication skills with ability to engage technical and non-technical stakeholders

Success Profile

• Ability to lead through influence in a highly regulated, matrixed environment
• Strong ownership mindset for delivering high-quality, deadline-driven regulatory outputs
• Analytical thinker who challenges data and drives accountability
• Highly organized with strong process discipline and documentation skills
• Responsive and adaptable to evolving regulatory demands 

Pay Range: $70-$80/hr

Questions about any of our jobs? Email us at recruiting@lhtservices.com

View all of our open jobs here: jobs.lhtservices.com