VP Data Risk

Gravity IT Resources

Job Title: VP, Data Risk

Location: Remote

Job-Type: Permanent

Referral Fee: +/- $4,000

Employment Eligibility: Gravity cannot transfer nor sponsor a work visa for this position. Applicants must be eligible to work in the U.S. for any employer directly (we are not open to contract or “corp to corp” agreements).

Position Overview

The VP Data Risk is accountable for establishing the framework, articulating the strategy and leading the development of our client's Governance, Risk Management and Compliance Controls ecosystem to meet Board, Senior Management, and Regulatory expectations, in conjunction with other teams across the enterprise.


  • Partner with teams in the Business, Information Security, Finance, Audit, and IT and other departments to implement an action-orientated data risk plan.
  • Develop and revise relevant documentation including roles and responsibilities, process flows and policies & procedures.
  • Develop communication strategy for verbal and written communications for the second line of defense to raise awareness of the overall program, ensure engagement and update on progress against plan.
  • Evolve, coordinate and manage the development of a GRC platform for IT Risk, Data Risk and Privacy.
  • Determine procedures for the aggregation of high-quality, accurate data from multiple information sources.
  • Lead discussions with Senior Management and other key stakeholders on reporting frequency and executive-level escalation.
  • Collaborate with subject matter experts, control owners, business stakeholders and others to develop, support and advance the GRC platform
  • Ensure strategy includes a plan for transition to the ecosystem and any related tech platform that minimizes gaps and allows for continuous enhancement.
  • Manage a team of remote GRC and data risk professionals. 
  • Performs other duties as assigned.



  • 8-10 years of total work experience required, with 2-4 years of management experience, preferred.
  • Financial services experience, preferably in Risk & Compliance.
  • Experience implementing and scaling GRC programs.
  • Experience with the cybersecurity and privacy control frameworks, such as NIST and FAIR.
  • Experience in testing controls (such as SOX) and partnering with stakeholders on remediation.
  • Experience as a team leader and collaborating in a team environment with remote colleagues.
  • Experience and gravitas in interacting with senior managers.
  • Proven project management experience with excellent analytical/problem solving skills.
  • Experience in leading multiple projects and groups while effectively supporting teamwork and achievement of team objectives in a fast-paced environment.
  • Familiarity with working on mergers, acquisitions and divestitures. 
  • Exceptional verbal and written communication skills are essential as is the ability to lead through influencing and persuasion and to relate well to people in a credible manner. 
  • Ability to work successfully with a diverse set of individuals and constituencies, and to be adept at advocating for, recommending and building consensus around suggested improvements. 
  • Ability to synthesize complex issues and data and communicate in a manner that's clear and concise. 
  • Possess strong analytical & process orientation.