
Head of Cybersecurity Governance

Job in Boston, Suffolk County, Massachusetts, 02298, USA
Listing for: Focus Financial Partners
Part Time position
Listed on 2026-05-15
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly
Job Description & How to Apply Below

Role overview

The Head of Cybersecurity Governance is a senior leadership role responsible for establishing, operating, and continuously improving the firm’s cybersecurity governance program. This role owns cybersecurity awareness and training, the development and lifecycle management of all security policies and standards, and the coordination of cybersecurity regulatory compliance efforts in partnership with legal, privacy, compliance, risk, IT, and business teams.

This leader will build and manage a high‑performing cybersecurity governance team and serve as a key connector between security strategy, regulatory obligations, and business execution. The role reports to the Chief Information Security Officer (CISO) and plays a critical role in enabling a strong, scalable, and compliant cybersecurity posture across the organization.

This role is hybrid with 3 days per week onsite in St. Louis, MO, New York City, NY or Boston, MA.

Key responsibilities
  • Cybersecurity governance & policy management
    • Own the cybersecurity governance framework, ensuring alignment with enterprise risk management, business objectives, and regulatory requirements.
    • Lead the creation, maintenance, and periodic review of all cybersecurity policies, standards, procedures, and guidelines.
    • Establish and manage a formal policy lifecycle process, including approvals, exceptions, waivers, and annual reviews.
    • Ensure policies are practical, enforceable, and clearly mapped to security controls and regulatory obligations.
    • Partner closely with cybersecurity engineering, operations, and risk management teams to ensure governance is aligned with real‑world controls and practices.
  • Cybersecurity awareness & training program
    • Design, implement, and continuously improve the enterprise cybersecurity awareness and training program.
    • Own mandatory security training, phishing simulations, role‑based training, and executive‑level awareness initiatives.
    • Measure training effectiveness through metrics, trends, and risk‑based outcomes.
    • Promote a strong security culture across the organization, balancing education, accountability, and business enablement.
  • Regulatory & compliance program leadership
    • Partner with legal, privacy, compliance, and risk teams to design and operate a cohesive cybersecurity regulatory compliance program.
    • Interpret and operationalize cybersecurity‑related laws, regulations, and standards (e.g., NYDFS, GLBA, SEC, GDPR/CCPA, ISO, NIST).
    • Maintain regulatory mappings between requirements, policies, controls, and evidence.
    • Support regulatory exams, audits, client due diligence, and third‑party assessments related to cybersecurity governance.
    • Monitor emerging cyber regulations and assess their impact on the organization.
  • Cross‑functional partnership & stakeholder engagement
    • Act as the primary cybersecurity governance partner for IT, legal, compliance, privacy, HR, and business leaders.
    • Translate regulatory and policy requirements into actionable guidance for technical and non‑technical teams.
    • Provide clear, executive‑ready reporting on governance posture, compliance status, and key risk themes.
    • Support board‑level and executive governance forums with clear, concise insights.
  • Team leadership & program management
    • Build, lead, and mentor a cybersecurity governance team, including policy, training, and compliance specialists.
    • Define team structure, roles, career paths, and performance expectations.
    • Establish scalable processes, tooling, and metrics to support governance operations.
    • Drive continuous improvement through automation, standardization, and data‑driven decision‑making.
Qualifications & experience
  • 10+ years of experience in cybersecurity, governance, risk, or compliance roles, with increasing leadership responsibility.
  • Proven experience building and running cybersecurity governance, policy, and awareness programs in a regulated environment.
  • Strong understanding of cybersecurity frameworks and regulatory requirements (e.g., NIST CSF, ISO 27001, NYDFS, GLBA, SEC).
  • Demonstrated ability to partner effectively with legal, compliance, privacy, IT, and business teams.
  • Experience leading and developing teams and managing complex, cross‑functional initiatives.
  • Exceptional…