Head Of Cyber Security Governance

Are you a Cybersecurity Leader with a passion for building resilient organizations and driving strategic change? Guardian is seeking a Security Leader to join our Security Governance team. As the Head of Cyber Security Governance, you will partner with cybersecurity teams and business units to embed security into strategic initiatives.

You will lead the development and continuous improvement of Security Policies and Standards, Cybersecurity Project Advisory Services, and a robust Security Training & Awareness Program. Your role is critical to enhancing Guardian’s security posture through innovation, automation, and operational excellence, while ensuring regulatory compliance and fostering a culture of secure-by-design thinking across the organization.

You will

Security Governance & Strategic Alignment

• Design, implement, and maintain enterprise-wide cybersecurity policies, standards, and procedures that align with industry frameworks and regulatory requirements (e.g., NIST CSF, ISO 27001, CIS Controls, SOC2, PCI-DSS, NYDFS).

• Provide strategic and tactical guidance to business and technology teams on secure architecture, risk mitigation, and compliance.

• Act as a security leader and liaison for designated business units or functions for security considerations across various projects, and initiatives.

• Align cybersecurity strategy with business goals to proactively identify and mitigate risks.

• Collaborate with executives, product leaders, and engineering teams to embed security into development and operations.

• Ensure global cybersecurity services, SLAs, KRIs, and processes meet defined objectives

Risk Management & Governance

• Facilitate risk assessments, threat modeling, and security posture reviews.

• Identify and communicate cybersecurity and third-party risks to business stakeholders.

• Ensure compliance with regulatory frameworks and internal standards.

• Adapt and localize security policies to meet applicable regulatory and business requirements.

Security Programs & Initiatives

• Drive initiatives in cloud security, access controls, third-party risk, and data protection.

• Translate technical risks into business-relevant language for leadership.

• Guide incident response and business continuity planning for critical functions.

Culture, Awareness & Stakeholder Engagement

• Lead the development and delivery of a comprehensive cybersecurity training and awareness program tailored to diverse audiences across the organization. ·Promote a culture of security through engaging campaigns, simulations, and targeted education.

• Provide executive-level reporting on security posture, metrics, and risks.

• Foster a risk-aware, security-conscious culture across teams.

You are

A strategic thinker and hands-on leader who thrives in a collaborative, fast-paced environment. You bring a balance of technical expertise, business acumen, and communication skills that enable you to influence at all levels of the organization.

You have

• 10+ years of experience in information security, IT risk management, or cyber risk consulting

• At least 5+ years in leadership roles interfacing with senior business stakeholders.

• Proven experience in highly regulated industries (e.g., banking, insurance, healthcare, or technology).

• Experience with security in hybrid or cloud-native environments (e.g., AWS, Azure, GCP).

• Familiarity with regulatory and compliance frameworks (e.g., NIST, NYDFS, SOC 2, PCI-DSS).

• Proven experience developing and managing security policies, standards, and awareness programs.

• Strong background in providing security advisory services for IT and business projects.

• Deep knowledge of enterprise security architecture, cloud security, and data governance.

• Strong business acumen with ability to translate security into strategic risk insights.

• Excellent communication, influencing, and stakeholder management skills.

• Ability to balance risk mitigation with business enablement.

• Proven ability to lead cross-functional teams and manage complex initiatives.

• Bachelor’s or Master’s in Information Security, or related field.

• Preferred certifications: CISSP, CISM, CRISC

Reporting Relationships

As our Head of Cyber Security Governance, you will report to our Deputy CISO who reports to the Chief Information Security Officer.

Location

Hybrid: 3 days in the office, 2 days WFH - Hudson Yards, New York City

Salary Range:

The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation.

Our Promise

At Guardian, you’ll have the support and flexibility to achieve your professional and personal goals.  Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.

Inspire Well-Being

As part of Guardian’s Purpose – to inspire well-being – we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues. Explore our company benefits at www.guardianlife.com/careers/corporate/benefits. Benefits apply to full-time eligible employees. Interns are not eligible for most Company benefits.

Equal Employment Opportunity

Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.

Accommodations

Guardian is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Guardian also provides reasonable accommodations to qualified job applicants (and employees) to accommodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact [email protected].

Current Guardian Colleagues: Please apply through the internal Jobs Hub in Workday.