Head of Cybersecurity Governance
Boston, NH - USA
Job Summary
Role Overview
The Head of Cybersecurity Governance is a senior leadership role responsible for establishing, operating, and continuously improving the firm's cybersecurity governance program. This role owns cybersecurity awareness and training, the development and lifecycle management of all security policies and standards, and the coordination of cybersecurity regulatory compliance efforts in partnership with Legal, Privacy, Compliance, Risk, IT, and business teams.
This leader will build and manage a high-performing cybersecurity governance team and serve as a key connector between security strategy, regulatory obligations, and business execution. The role reports to the Chief Information Security Officer (CISO) and plays a critical role in enabling a strong, scalable, and compliant cybersecurity posture across the organization.
This role is hybrid, with 3 days per week onsite in St. Louis, MO; New York City, NY; or Boston, MA.
Key Responsibilities
Cybersecurity Governance & Policy Management
- Own the cybersecurity governance framework, ensuring alignment with enterprise risk management, business objectives, and regulatory requirements.
- Lead the creation, maintenance, and periodic review of all cybersecurity policies, standards, procedures, and guidelines.
- Establish and manage a formal policy lifecycle process, including approvals, exceptions, waivers, and annual reviews.
- Ensure policies are practical, enforceable, and clearly mapped to security controls and regulatory obligations.
- Partner closely with Cybersecurity Engineering, Operations, and Risk Management teams to ensure governance is aligned with real-world controls and practices.
Cybersecurity Awareness & Training Program
- Design, implement, and continuously improve the enterprise cybersecurity awareness and training program.
- Own mandatory security training, phishing simulations, role-based training, and executive-level awareness initiatives.
- Measure training effectiveness through metrics, trends, and risk-based outcomes.
- Promote a strong security culture across the organization, balancing education, accountability, and business enablement.
Regulatory & Compliance Program Leadership
- Partner with Legal, Privacy, Compliance, and Risk teams to design and operate a cohesive cybersecurity regulatory compliance program.
- Interpret and operationalize cybersecurity-related laws, regulations, and standards (e.g., NYDFS, GLBA, SEC, GDPR/CCPA, ISO, NIST).
- Maintain regulatory mappings between requirements, policies, controls, and evidence.
- Support regulatory exams, audits, client due diligence, and third-party assessments related to cybersecurity governance.
- Monitor emerging cyber regulations and assess their impact on the organization.
Cross-Functional Partnership & Stakeholder Engagement
- Act as the primary cybersecurity governance partner for IT, Legal, Compliance, Privacy, HR, and business leaders.
- Translate regulatory and policy requirements into actionable guidance for technical and non-technical teams.
- Provide clear, executive-ready reporting on governance posture, compliance status, and key risk themes.
- Support board-level and executive governance forums with clear, concise insights.
Team Leadership & Program Management
- Build, lead, and mentor a cybersecurity governance team, including policy, training, and compliance specialists.
- Define team structure, roles, career paths, and performance expectations.
- Establish scalable processes, tooling, and metrics to support governance operations.
- Drive continuous improvement through automation, standardization, and data-driven decision-making.
Qualifications & Experience
- 10 years of experience in cybersecurity governance, risk, or compliance roles with increasing leadership responsibility.
- Proven experience building and running cybersecurity governance, policy, and awareness programs in a regulated environment.
- Strong understanding of cybersecurity frameworks and regulatory requirements (e.g., NIST CSF, ISO 27001, NYDFS, GLBA, SEC).
- Demonstrated ability to partner effectively with Legal, Compliance, Privacy, IT, and business teams.
- Experience leading and developing teams and managing complex cross-functional initiatives.
- Exceptional written and verbal communication skills, with the ability to influence at senior and executive levels.
This position is an exempt position. The annualized base pay range for this role is expected to be between $200,000-$225,000 base salary compensation range. Actual base pay may vary based on factors including, but not limited to, experience, subject matter expertise, geographic location where work will be performed, and the applicant's skill set. The base pay is just one component of the total compensation package. Other rewards may include an annual cash bonus and a comprehensive benefits package including, but not limited to, medical, dental, vision, life insurance, and 401(k). Please note that the job title is subject to change based on the selected candidate's experience and education.
About Focus Financial Partners
Focus is a leading financial services firm comprised of integrated wealth management, family office, and business management services. Blending deep expertise and expansive resources with a boutique, client-first fiduciary philosophy, Focus helps individuals, families, and institutions navigate complex financial situations with highly personalized solutions tailored to their unique needs. To learn more about Focus, visit follow the company on LinkedIn.
Focus is an equal opportunity employer and bases its employment decisions on the employee or candidate's skillset and without regard to an employee or candidate's race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, disability, genetic information, veteran status, or any other characteristic protected by local, state, and/or federal law.
Focus complies with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact .
The following language is for US-based roles only
For California Applicants: Information on your California privacy rights can be found here
For Indiana Applicants: It is unlawful for an employer to discriminate against a prospective employee on the basis of status as a veteran by refusing to employ an applicant on the basis that they are a veteran of the armed forces of the United States, a member of the Indiana National Guard, or a member of a reserve component.
For Maryland Applicants: I UNDERSTAND THAT UNDER MARYLAND LAW, AN EMPLOYER MAY NOT REQUIRE OR DEMAND, AS A CONDITION OF EMPLOYMENT, PROSPECTIVE EMPLOYMENT, OR CONTINUED EMPLOYMENT, THAT ANY INDIVIDUAL SUBMIT TO OR TAKE A POLYGRAPH OR SIMILAR TEST. AN EMPLOYER WHO VIOLATES THIS LAW IS GUILTY OF A MISDEMEANOR AND SUBJECT TO A FINE NOT EXCEEDING $100.
For Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this shall be subject to criminal penalties and civil liability.
For Montana Applicants: If hired, the employment relationship is governed by the Wrongful Discharge from Employment Act. Mont. Code Ann. Section.
For Rhode Island Applicants: Focus is subject to Chapters 29-38 of Title 28 of the General Laws of Rhode Island and is therefore covered by the state's workers' compensation law. If you willfully provide false information about your ability to perform the essential functions of the job, with or without reasonable accommodations, you may be barred from filing a claim under the provisions of the Workers' Compensation Act of the State of Rhode Island if the false information is directly related to the personal injury that is the basis for the new claim for compensation. The Company complies fully with the Americans with Disabilities Act.
Required Experience:
Director