Director, Information Security Governance at TekRek — NeverHard

A growing organization with a mature security function is investing in strengthening its enterprise governance, risk, and compliance capabilities. Operating in a regulated environment, the company is focused on building a structured, risk-aligned security posture that supports both operational resilience and ongoing business growth. The environment combines established governance practices with evolving regulatory demands, requiring a leader who can balance strategic direction with hands‑on execution across security programs. The Role This is a senior leadership role overseeing Information Security Governance, Risk, and Compliance. You will own the design and execution of governance frameworks, risk programs, and policy structures while working closely with executive stakeholders. The role suits someone comfortable operating at both board level and in the detail of security controls, assessments, and program delivery. What You Will Do Build and run a comprehensive information security governance and risk program aligned to recognized frameworks such as NIST Lead third‑party security assessments and ongoing vendor risk monitoring, integrating findings into enterprise risk reporting Own the security policy and standards lifecycle, ensuring alignment with regulatory requirements and evolving business needs Develop and maintain incident response and business continuity programs, including regular testing and executive‑level simulations Partner with internal stakeholders and clients on security assurance, audit readiness, and responses to due diligence requests What You Bring Proven experience leading Information Security GRC programs, including risk management, policy governance, and compliance Strong working knowledge of frameworks and standards such as NIST, ISO 27001, and SOC2 Experience managing third‑party risk, security assessments, and control validation across systems and vendors Background in audit engagement and regulatory environments, with exposure to external audits and evidence management Ability to communicate security posture, risk, and program performance to senior leadership and board‑level stakeholders Why This Role This role offers end‑to‑end ownership of a critical security function within a regulated environment. You will shape how governance, risk, and compliance are structured across the organization while working closely with executive leadership and influencing enterprise‑wide security decisions. #J-18808-Ljbffr