Global Relay
Director, Governance Risk & Compliance

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Who we are:
For over 25 years, Global Relay has set the standard in enterprise information archiving with industry-leading cloud archiving, surveillance, eDiscovery, and analytics solutions. We securely capture and preserve the communications data of the world’s most highly regulated firms, giving them greater visibility and control over their information and ensuring compliance with stringent regulations.
Though we offer competitive compensation and benefits and all the other perks one would expect from an established company, we are not your typical technology company. Global Relay is a career-building company. A place for big ideas. New challenges. Groundbreaking innovation. It’s a place where you can genuinely make an impact – and be recognized for it.
We believe great businesses thrive on diversity, inclusion, and the contributions of all employees. To that end, we recruit candidates from different backgrounds and foster a work environment that encourages employees to collaborate and learn from each other, completely free of barriers.
Director, Governance Risk & Compliance
Your Role
As Director, Governance Risk & Compliance, you are responsible for defining and leading Global Relay’s Governance, Risk & Compliance function. Reporting to the Chief Information Security Officer, you establish the frameworks, governance structures and operating model that enable consistent security decision-making, transparent risk management and trusted assurance across the organization.
You provide strategic leadership for security governance, risk management, assurance, cybersecurity compliance, third-party risk management and security awareness programs. Working closely with executive leadership, business stakeholders and technology teams, you translate complex security and technology risks into business context, influence strategic priorities and ensure the organization maintains a strong and resilient security posture while meeting regulatory, contractual and organizational requirements. You ensure emerging technologies, including AI, are governed in a manner that aligns with organizational objectives, risk appetite and regulatory obligations.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Your Job
- Define and maintain the enterprise security governance framework, including policies, standards, control frameworks and governance processes.
- Establish and evolve the security risk management methodology, ensuring risks are consistently identified, assessed, managed and reported.
- Lead security governance forums and risk committees, ensuring effective oversight, escalation and decision-making.
- Define and communicate the organization's security risk posture, emerging risks and strategic priorities to executive leadership.
- Establish and oversee the enterprise security assurance strategy, including control testing, continuous assurance and remediation validation activities.
- Oversee security audits, certifications and external assessments, including ISO 27001, SOC 2, FedRAMP, ISO 42001 and other applicable frameworks.
- Establish and oversee governance processes for emerging technologies, including AI, ensuring associated risks, regulatory requirements and control expectations are appropriately integrated into governance, risk management, assurance and compliance activities.
- Provide strategic oversight of third-party security risk management activities.
- Establish and oversee the enterprise security awareness and training program.
- Define security metrics, key risk indicators and reporting requirements to measure program effectiveness and support risk-informed decision-making.
- Partner with Legal, Privacy, Product, Engineering and Operations leaders to integrate security governance and risk management practices across the organization.
- Lead, develop and mentor Governance, Risk & Compliance leaders and analysts.
- Drive continuous improvement and maturity across governance, risk, assurance and security compliance capabilities.
- Act as a trusted advisor to executive leadership on governance, risk, compliance and emerging technology governance matters.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
About You
- 10-15+ years of experience in cybersecurity, governance, risk management, audit, compliance or related disciplines.
- 5+ years of leadership experience managing teams and security programs.
- Strong understanding of governance, risk management, assurance and compliance principles.
- Experience leading audits, certifications and regulatory assessments.
- Deep knowledge of frameworks such as ISO 27001, SOC 2, NIST, FedRAMP and CIS Controls.
- Knowledge of emerging technology governance concepts, evolving regulatory requirements and industry frameworks, including ISO/IEC 42001.
- Experience presenting complex security and technology risks to executive leadership.
- Strong business acumen and the ability to balance risk, operational and business objectives.
- Demonstrated ability to influence organizational decisions and drive change.
- Excellent leadership, coaching and stakeholder management skills.
- Certifications such as CISSP, CISM, CRISC, CISA or equivalent are preferred.
What you can expect:
At Global Relay, there’s no ceiling to what you can achieve. It’s the land of opportunity for the energetic, the intelligent, the driven. You’ll receive the mentoring, coaching, and support you need to reach your career goals. You’ll be part of a culture that breeds creativity and rewards perseverance and hard work. And you’ll be working alongside smart, talented individuals from diverse backgrounds, with complementary knowledge and skills.
Global Relay is an equal-opportunity employer committed to diversity, equity, and inclusion. We seek to ensure reasonable adjustments, accommodations, and personal time are tailored to meet the unique needs of every individual.
To learn more about our business, culture, and community involvement, visit www.globalrelay.com.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location