Senior Cybersecurity Governance, Risk and Compliance; GRC Associate

Join a team that values your ambition and empowers your growth. At Corient, we help high‑ and ultra‑high‑net‑worth individuals and families enjoy a full life while preserving their wealth for future generations and supporting the causes and communities they care about. We focus on exceeding expectations, simplifying lives, and establishing legacies that last for generations.

The Sr. Cybersecurity Governance, Risk, and Compliance (GRC) Associate supports the organization’s GRC program with a focus on security framework compliance and information security risk management. Reporting to the Vice President of Information Security Governance, Risk, and Compliance, the Sr. Cybersecurity GRC Associate contributes to the security program’s maturity by applying secure‑by‑design, defense‑in‑depth, and least privilege principles and aligning with industry standards, regulatory requirements, and internal policies.

• Maintain and enhance the Information Security Policy Framework, ensuring alignment with regulatory requirements and industry standards (e.g., NIST, ISO, CIS).
• Collaborate with stakeholders to ensure policies are understood, adopted, and enforced across the organization.
• Implement and operationalize the GRC platform; create and maintain automated workflows, associated processes, and related documentation.
• Maintain the enterprise Information Security Risk Register and perform periodic and ad hoc risk assessments.
• Monitor and report on meaningful metrics and reporting, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
• Support risk treatment planning and execution, ensuring alignment with the organization’s risk appetite.
• Perform third‑party risk assessments and ongoing oversight activities.
• Facilitate security compliance framework assessments, control narrative creation, and evidence collection.
• Conduct control testing, identify deficiencies, and drive remediation efforts.
• Support the development and ongoing maintenance of an integrated control framework to assess and monitor compliance.
• Promote a security‑first mindset across the organization.
• Contribute to the development and delivery of security awareness programs.

• Bachelor’s degree or equivalent experience; relevant certifications preferred (e.g., CBCP, MBCP, MBCI, FBCI).
• 3–6+ years’ experience in cybersecurity GRC and/or BC/DR roles, ideally within financial services.
• Strong analytical and critical‑thinking skills and the ability to organize work in a logical, thorough, and succinct manner.
• Highly self‑motivated, results‑orientated, and self‑directed to handle multiple ongoing tasks.
• Flexibility to adapt to changing assignments and ability to effectively prioritize.
• Effective written and verbal English communication at all levels.
• Demonstrated ability to operate and innovate in a small team with a fast‑paced environment, balancing both strategic and tactical needs.

• 401(k) plan with employer matching
• 4 medical plan options generously subsidized by Corient
• Employer‑paid dental, vision & life insurance
• AD&D insurance
• Employer‑paid short‑term & long‑term disability
• Paid maternity & parental leave
• Flexible Spending Accounts & Health Savings Accounts
• Dependent care FSA
• Commuter & transit FSA
• Corporate discount program (Perkspot)
• Training reimbursement
• Paid professional designations
• Volunteer days

This position is exempt and is paid according to the laws of the State of Illinois. The pay range for this position is $96,600 – $130,000 USD per year. This position requires the physical capabilities to work in an office environment, which may include prolonged periods of sitting at a desk and working on a computer. The position may require the ability to lift up to 15 pounds and requires onsite work 4 days per week.

Must be 18 years of age or older. Must have unrestricted work authorization to work in the United States. Corient hires U.S. citizens or permanent residents. Corient participates in E‑Verify and will require proof of work authorization.

We are an equal opportunity employer. All candidates will be recruited and, if applicable, selected and employed without regard to sex, race, religion, marital status, veteran status, age, national origin, sexual orientation, gender identity, color, creed, ancestry, disability, genetic information or any other basis prohibited by law.