Security Governance and Controls Sr. Mgr

Job Title

Sr. Manager - Security Governance and Controls

Remote across the United States (excluding Hawaii and Alaska). Based in Arizona – Home Teleworkers.

The Sr. Manager will lead the strategy and execution of security governance and compliance programs that protect systems and data while supporting business goals. The role shapes the company’s security strategy, strengthens compliance, and ensures risks are understood and managed effectively across the organization.

• Set direction for governance, control frameworks, and compliance programs.
• Manage a team (~9) across controls assurance, GRC platform, and audit support.
• Partner with Internal Audit, IT, Security, Risk, Legal, and business leaders.
• Advise on risk, controls, and regulatory requirements.
• Ensure controls are effective, measurable, and audit‑ready.
• Oversee GRC tools to track risks, issues, and remediation.
• Drive continuous improvement aligned to industry standards (NIST, ISO, CIS).
• Lead multiple teams delivering controls, standards, and audit support.
• Partner with stakeholders, auditors, and vendors.
• Assess control effectiveness and overall security posture.
• Provide clear recommendations to reduce risk and improve compliance.
• Maintain security standards and adapt to regulatory changes.
• Use metrics and reporting to drive decisions and performance.
• Ensure readiness for audits and regulatory reviews.

• 10+ years in IT, security, or risk/compliance.
• 5+ years people leadership.
• Bachelor’s degree in Computer Science, Engineering, Business, or related field.
• Knowledge of security control frameworks (e.g., NIST, ISO, CIS), regulatory requirements, and audit practices.
• Familiarity with GRC platforms (Archer) and best practices for risk and compliance management.
• Experience in large, matrixed organizations.
• Ability to adjust focus to meet changing priorities, strategic directions, and shifting customer needs.
• Strong executive‑level relationship skills with auditors and regulators.

• Creates a collaborative, inclusive and psychologically safe environment, demonstrating authenticity and fostering trust.
• Actively shapes company culture through words and actions and supports employee resource groups, mentors, volunteers, and cross‑functional projects.
• Translates enterprise strategy and priorities for team members to connect to the bigger picture.
• Demonstrates enterprise‑wide thinking beyond area boundaries.
• Travels as needed for enterprise meetings and in‑person meetings.
• Fulfills business needs by investing extra time and helping other teams.

• Salary range: $168,300–$224,300, with regional variation.
• Annual discretionary bonus up to 20% of eligible pay through the Annual Incentive Plan.
• 401(k) with company match.
• Remote‑first culture with flexible workplace options.

CSAA Insurance Group is an equal opportunity employer.