Senior Manager, Governance, Risk and Compliance (REMOTE)

GEICO is seeking an experienced and strategic Senior Manager of Governance to lead and enhance our organization's governance and automation programs. GEICO is transforming cybersecurity with automation and a risk-based approach. In this role, you will develop and maintain policies, implement continuous compliance monitoring in a multi-cloud and data center environment, and ensure we meet all regulatory compliance and contractual obligations. The ideal candidate will have a proven track record of building effective governance frameworks, automating continuous compliance, creating metrics, meeting all regulatory cyber requirements, demonstrating strong leadership capabilities, and possessing a collaborative mindset.

This is a people manager role.

1. Enhance and mature the existing governance framework and processes to support strategic objectives while meeting regulatory compliance obligations.
2. Define and implement policies, standards, and controls that support risk mitigation and compliance efforts.
3. Ensure cybersecurity exceptions and acceptances do not introduce aggregated risk and address the root causes of systemic exceptions.
4. Define and create dashboards to demonstrate the security posture of the organization.
5. Collaborate on risk management activities related to cyber risks and ensure all cyber risks are accurately managed to closure.
6. Design and implement continuous compliance automation in a multi-cloud and data center environment.
7. Monitor and ensure compliance with regulatory requirements such as NY DFS, PCI DSS, and other standards.
8. Design a governance program to pass all audits and maintain 100% compliance for cybersecurity controls.
9. Manage all cyber issues to closure.
10. Lead internal and external audits, coordinating efforts across the cyber team to ensure audit readiness and successful outcomes.
11. Maintain awareness of emerging regulatory trends and implement necessary adjustments to policies and controls.
12. Build, mentor, and lead a high-performing governance team, fostering a culture of accountability, innovation, and continuous improvement.
13. Promote collaboration and alignment between the governance team and other functions such as IT, Legal, Privacy, Compliance, and Business Units.
14. Regularly report to executive leadership on governance metrics and initiatives.
15. Report on team progress for projects and other key metrics, providing detailed and actionable ideas for process or operating model improvements.
16. Initiate and support performance evaluations of team members.
17. Cultivate a motivating culture that encourages achievement at all levels.
18. Execute change management processes and adapt approaches as necessary.
19. Build and maintain trusting relationships with team members.
20. Proficiently handle difficult conversations regarding development and performance.
21. Manage upward to leadership and provide feedback when appropriate.
22. Administer coaching plans and Performance Improvement Plans.
23. Contribute significantly to team planning processes.

• Deep understanding of Governance, Risk and Compliance, cybersecurity domains, and regulatory frameworks.
• Experience managing technical compliance engineers.
• Proven success implementing large-scale enterprise initiatives.
• Deep technical understanding of cloud-hosted environments, preferably MS Azure.
• Reputation for effective engagement with team members.
• Genuine care for others, investing in career counseling and growth of team members.
• Initiative and creativity in solving problems and driving innovation.
• Clear and concise communication skills tailored to the audience.
• Ownership and leadership maturity, embracing successes and failures.
• Ability to manage multiple assignments across teams.
• Confidence in decision-making.

• 7+ years in governance, risk, and compliance, with at least 4 years in a leadership role.
• Experience managing a governance program in a multi-cloud/hybrid environment.
• Strong knowledge of regulatory frameworks and standards such as NY DFS, PCI DSS, NIST CSF, ISO 27001.
• Relevant certifications (e.g., CISSP, CISM, CISA, CRISC) preferred.
• Strong understanding of security controls in multi-cloud and data center environments.
• Proven experience managing audits and regulatory engagements.
• Excellent verbal and written communication skills for diverse audiences.
• Experience in strategic planning, roadmaps, budgeting, and resource allocation.
• Problem-solving skills, proactive approach, and ability to thrive in ambiguity.
• Bachelor’s degree in Computer Science, Information Systems, or equivalent experience.

Annual Salary: $120,000.00 - $260,000.00

The above salary range is a guideline. Factors such as scope, responsibilities, experience, education, location, and market considerations influence the final offer.