Mid Level Governance Risk And Compliance Jobs
Mid level governance risk and compliance jobs go to professionals ready to own risk assessments, lead control testing cycles, and shape compliance frameworks with minimal oversight. Openings run across Technology & Software, Law & Legal Services, and Healthcare & Medical Services, with Figma, Sigma Computing, and Xai among the employers competing for governance risk and compliance talent at this level now.
Find JobsOverview
Showing 5 of 24+ Mid Level Governance Risk And Compliance jobs
FORTNA partners with the world’s leading brands to transform omnichannel and parcel distribution operations. Known world-wide for enabling companies to keep pace with digital disruption and growth objectives, we design and deliver solutions, powered by intelligent software, to optimize fast, accurate and cost-effective order fulfillment and last mile delivery. Our people, innovative approach and proprietary algorithms and tools ensure optimal operations design and material and information flow. We deliver exceptional value every day to our customers with comprehensive services and products including network strategy, distribution center operational design and implementation, material handling automated equipment, robotics and a comprehensive suite of lifecycle services.
At FORTNA, we believe in fostering a workplace that isn't just a job but a movement – a collective effort to redefine success and transform challenges into opportunities. "Join the Movement" encapsulates our commitment to a workplace culture that thrives on collaboration, celebrates diversity, and empowers every individual to contribute to something greater than themselves. Our Team. Our Passion. Our Approach.
Position Summary
We are seeking an experienced Senior Manager, Cybersecurity & Governance, Risk & Compliance (GRC) to lead and mature our enterprise cybersecurity governance, risk management, compliance, and security assurance programs. This role is responsible for ensuring cybersecurity risks are effectively identified, managed, and communicated while maintaining compliance with regulatory requirements and industry security frameworks.
The Senior Manager will partner closely with Security Operations, IT, Legal, Privacy, Internal Audit, business leaders, and third-party providers to strengthen the organization's security posture, drive risk-based decision-making, and support business objectives. This position combines strategic leadership with operational oversight across governance, compliance, risk management, incident management, and vendor security programs.
Key Responsibilities
Governance & Cybersecurity Strategy
- Lead the enterprise cybersecurity governance framework, including policies, standards, controls, and procedures.
- Drive cybersecurity strategy and roadmap initiatives aligned with business goals and risk tolerance.
- Provide leadership with visibility into cybersecurity posture, risks, compliance status, and program effectiveness.
- Lead governance committees and facilitate cross-functional cybersecurity initiatives.
Risk Management
- Conduct enterprise cybersecurity risk assessments and oversee risk treatment activities.
- Maintain the cybersecurity risk register and monitor remediation efforts.
- Evaluate emerging threats, vulnerabilities, and business impacts.
- Perform security reviews for new technologies, projects, and strategic initiatives.
- Lead third-party and vendor security risk assessments and due diligence activities.
Compliance & Security Assurance
- Manage cybersecurity compliance programs aligned with frameworks and regulations.
- Coordinate internal and external audits and oversee remediation of audit findings.
- Ensure security controls, documentation, and evidence repositories support ongoing compliance requirements.
- Monitor and report compliance performance and remediation progress.
Security Operations Oversight
- Partner with Security Operations teams and external providers to strengthen monitoring, threat detection, incident response, and vulnerability management programs.
- Review significant cybersecurity incidents, root cause analyses, and corrective action plans.
- Participate in incident response exercises, tabletop simulations, and post-incident reviews.
- Drive continuous improvement of security controls, detection capabilities, and response processes.
- Monitor security metrics, KPIs, KRIs, and operational reporting.
Third-Party Risk & Security Vendor Management
- Manage relationships with MDR, MSSP, SOC-as-a-Service, and other cybersecurity service providers.
- Review vendor assessments, SOC reports, penetration test results, and compliance documentation.
- Ensure third-party providers meet security, compliance, and contractual obligations.
- Lead vendor risk remediation and ongoing security performance reviews.
Leadership & Stakeholder Engagement
- Lead and mentor cybersecurity governance, risk, and compliance professionals.
- Partner with IT, Security, Legal, Privacy, HR, Audit, and business leaders to address cybersecurity risks and compliance requirements.
- Present cybersecurity risks, compliance status, audit results, and strategic recommendations to senior leadership and governance committees.
- Serve as a trusted advisor on cybersecurity governance, risk management, and regulatory compliance.
Required Qualifications
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- 12+ years of experience in cybersecurity, information security, risk management, compliance, audit, or security operations.
- 3+ years of leadership or people management experience.
- Experience supporting or partnering with Security Operations (SOC) teams and incident response programs.
- Strong knowledge of cybersecurity frameworks, governance models, and risk management methodologies.
- Experience leading compliance initiatives, audits, and remediation programs.
- Experience managing third-party security assessments and vendor risk programs.
- Strong executive communication, stakeholder management, and presentation skills.
Preferred Qualifications
- Experience with Microsoft security and compliance technologies, including Microsoft Purview and Microsoft Sentinel.
- Experience working with SIEM, SOAR, EDR, MDR, vulnerability management, and GRC platforms.
- Experience within regulated or compliance-driven industries.
- Master's degree in a related discipline.
The base salary range for this role is $133,200 to $199,800. This base salary range represents the low and high end of the base salary range for this position. Actual base salary offered will vary based on various factors including but not limited to location, level, job-related knowledge, skills, experience, and performance.
This job description describes the general nature and level of work expected of a person assigned to this position. All job requirements listed indicate the minimum level of knowledge, skills and/or ability deemed necessary to perform the job proficiently. Employees may be required to perform any other job-related duties as requested by their supervisor.
It is the policy of FORTNA and its affiliated companies to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, pregnancy or pregnancy-related condition, status with regard to public assistance, veteran status, citizenship status (if authorized to work in the U.S.), or any other characteristic protected by federal, state or local law. In addition, FORTNA will provide reasonable accommodations for qualified individuals with disabilities.
See All 24 Mid Level Governance Risk And Compliance Jobs
Find roles that match your experience and apply in just a few clicks.
Find JobsMid Level Governance Risk And Compliance Job Market
Who's Hiring
- Figma3

- Sigma Computing2
- Xai1

- FORTNA1
- Weaver1

Top Industries Hiring
- Technology & Software8
- Law & Legal Services2
- Healthcare & Medical Services2
- Consulting & Professional Services2
- Retail1
Mid Level Governance Risk And Compliance Jobs: Frequently Asked Questions
How do I get a mid level governance risk and compliance job?
Position your experience around ownership, not just participation. Highlight assessments you led, control gaps you identified, or compliance programs you helped build from the ground up. Employers at this level want candidates who can operate with limited direction, so your resume and interviews should emphasize decisions you made independently, stakeholders you managed, and measurable outcomes you delivered.
Which companies hire mid level governance risk and compliances?
Companies hiring mid level governance risk and compliances right now include Figma, Sigma Computing, and Xai, based on current listings on Migrate Mate as of July 2026. Hiring at this level covers large regulated enterprises and mid-size firms building out dedicated compliance and risk functions for the first time.
Are there remote mid level governance risk and compliance jobs?
Yes, though availability varies by employer and specialization. About 41% of mid level governance risk and compliance openings are remote or hybrid as of July 2026, reflecting how much of this work, such as policy review, control documentation, and audit prep, translates well outside a traditional office setting.
How do I move up to a mid level governance risk and compliance role?
Growth into mid level comes from building depth in a specific domain, whether that is IT risk, regulatory compliance, or internal audit, and then demonstrating ownership of real projects. Focus on taking end-to-end responsibility for assessments, earning relevant certifications like CISA or CRISC, and compiling a record of findings you surfaced and remediated. Consistent impact in a junior role is what makes the case.
Which industries hire the most mid level governance risk and compliances?
Mid Level governance risk and compliance roles concentrate in Technology & Software, Law & Legal Services, and Healthcare & Medical Services, based on current listings on Migrate Mate as of July 2026. These sectors face the heaviest regulatory scrutiny and internal audit requirements, creating sustained demand for professionals who can manage frameworks independently at the mid level.