GRC Risk Principal

Trustwave

United States

Posted on Jun 5, 2026

LevelBlue reduces risk and builds lasting resilience so organizations can innovate and advance their mission with confidence. As the world’s most analyst-recognized and largest pure-play managed security services provider, LevelBlue elevates client outcomes that matter: stronger defense, faster response, and sustained business continuity. LevelBlue combines AI-powered security operations, advanced threat intelligence, and elite human expertise to provide the most comprehensive portfolio of strategic advisory, managed security, offensive security, and incident response services.

At LevelBlue, we're on a mission to help the world become a safer and more trusted digital space. Our work supports a diverse and global workforce—so we're building a security team that can match our scale and ambition.

The LevelBlue Office of Security and Trust team is responsible for the security of LevelBlue products, platforms, services, and corporate operations. Under the leadership of the Chief Security and Trust Officer, our goal is to serve as a trusted partner and facilitator for business and technical teams across the organization. Through collaboration, we aim to integrate security into core business practices and processes, enhancing our overall cyber resilience. We are very excited to expand the Security and Trust team via our search for an experienced and motivated professional to lead and manage the Governance, Risk, and Compliance (GRC) program.

The GRC Principal will provide expert leadership in all matters pertaining to governance, risk management, and compliance, ensuring risk programs are successfully executed to strengthen and sustain trust with LevelBlue customers, staff, and partners across the world. This role will be responsible for successfully driving outcomes in navigating the opportunities and complexities of an international business experiencing organic and inorganic growth. It also involves managing, assessing, and communicating risks with a variety of audiences to strengthen the secure-by-design culture.

The GRC Principal will report to the Deputy Chief Security & Trust Officer, working closely with cyber defense, security engineering, and a combination of technical and business leaders across the organization.

Day in the Life as a GRC Principal

  • Work with the team and other leaders to refine and manage enterprise-wide security governance and risk management programs and ensure Security and Trust practices align with business objectives, vision, and evolving risks and compliance challenges.
  • Design and drive the integrated risk management strategy, framework, tools, and processes.
  • Take responsibility as a leader for delivering outcomes and change in the business. This requires the ability to influence and communicate as much as being a subject matter expert.
  • Oversee, manage, and communicate risks.
  • Govern, optimize, and monitor policies and policy performance.
  • Strengthen the cross-functional security governance model and effectively run various governance committees to ensure stakeholders align on the risk acceptance level and the priorities for managing risks.
  • Work collaboratively with stakeholders like procurement, legal, IT and others to enhance the third-party risk management program and ensure security risks are addressed from the evaluation of vendors/suppliers and contract negotiation to the ongoing assessment of vendors/suppliers' security posture.
  • Set the direction and mature the security awareness and training program. Establish an ongoing awareness and training program to strengthen security culture.
  • Enhance GRC dashboard and reporting. Continuously analyze risk control effectiveness of the organization, overall security resilience, risk posture improvement, and maturity growth.
  • Work closely with business unit leaders and external entities as needed to support Enterprise Risk Management.

As one of the most senior members of Governance, Risk & Compliance, how results are achieved is paramount for your success and ultimately results in our success as an organization. In this role, your foundational knowledge, skills, abilities and personal attributes are anchored in the following:

  • Teamwork, collaboration, and communication: Expressing ideas effectively through speaking, writing, visuals, and non-verbal cues, and listening to understand others.
  • Problem solving framework: Simplifying the complex, high quantity, and sometimes contradictory information to effectively drive stronger business outcomes.
  • Own the outcomes: Empowered as a leader at LevelBlue, identify key milestones and navigate the pathways for achievement.

Qualifications

  • Minimum of 6 years of security experience, with a combined background of technology and compliance, preferred.
  • Minimum of 3 years in GRC leadership positions, with experience managing any Security Governance, Risks, and Compliance functions or Internal Audit function.
  • Extensive experience in risk management, vendor and client security management.
  • Familiarity with cyber security and risk management frameworks, with experience in implementing and applying frameworks into actionable tasks.
  • Extensive experience with cloud and AI risk management.
  • Experience managing, and working with, global teams.
  • Experience in mergers, acquisitions, and divestitures.
  • Experienced in management and operations, with a proven record of streamlining processes to boost agility, efficiency, and growth while ensuring security.
  • Excellent communication and presentation abilities, enabling clear explanation of complex risk matters to executive management, as well as effective interaction with technology, development, and business partners.
  • Demonstrated expertise in relationship management, team development, and facilitation.
  • Experience in a complex matrix organization supporting both operational and transformational initiatives for business units, while focusing on Security & Trust goals.
  • Demonstrated capability for strategic thinking, combined with a strong sense of urgency and meticulous attention to detail.
  • Strong team player that collaborates well with others to solve problems and actively incorporates input from various sources.
  • Independent and creative thinker with the willingness to "step outside the box" and take reasonable, calculated risks.
  • CISSP and CISM certifications and/or advanced degree.

Education:

  • A high school diploma or equivalent is required; a college or university degree is a plus.

Why Join LevelBlue?

At LevelBlue, you’re not just an employee—you’re part of a team making a real difference in the world of cybersecurity. We foster a culture of innovation and creativity where your contributions are valued, and you’ll have the support and resources to grow and thrive.

Benefits and Perks:

  • Comprehensive medical, dental, and vision insurance.
  • 401(k) with employer matching.
  • Generous paid time off and holidays.
  • Flexible spending accounts and health savings accounts.
  • Employee assistance programs.
  • Training and development opportunities.
  • Adoption assistance program.

This role is open to candidates legally authorized to work in the United States. At LevelBlue, we support flexible work and bring people together in person for key moments based on role, team, and business needs.

LevelBlue is committed to a culture of respect, inclusion, and equal opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age, or any other status protected under applicable law.

To all agencies: Please do not contact LevelBlue employees outside of the Talent Acquisition team. LevelBlue’s policy is to only accept resumes from agencies through its approved agency process and with a valid agreement in place. Any resume submitted outside this process will be considered the property of LevelBlue, and no fee will be paid if a candidate is hired from such a submission.
