Director of Governance, Risk, and Compliance (GRC) at Accrete
Accrete · New York, United States Of America · Onsite
- Senior
- Office in New York
Office Location: NYC or Alexandria
Accrete is a dynamic and innovative company focused on transforming the future of artificial intelligence. We specialize in creating advanced AI solutions that turn complex data into actionable insights, driving real-world impact for businesses and government organizations. Our team thrives on creativity and collaboration, working together to push the boundaries of AI technology.
At the core of our offerings are our AI agents, designed to autonomously analyze data, generate insights, and make intelligent recommendations. These agents help businesses streamline operations, improve decision-making, and also empower government entities to enhance security, intelligence, and operational efficiency
Role Overview
We are seeking an experienced Director of Governance, Risk, and Compliance (GRC) to lead Accrete’s information security governance programs. This individual will play a critical role in shaping our risk management and compliance strategy, ensuring alignment with industry best practices and federal requirements (FedRAMP, NIST, DoD IL frameworks, etc.).
The ideal candidate brings ~15 years of experience in Information Security and IT, with deep expertise in risk management, regulatory compliance, and enterprise governance. This is a highly visible leadership position that reports to the Chief Information Security Officer (CISO) and partners across engineering, operations, and executive leadership.
Key Responsibilities
- Governance & Strategy
- Develop, implement, and maintain the enterprise GRC framework.
- Establish security governance policies and drive adoption across the organization.
- Advise executive leadership on risk posture, compliance status, and remediation priorities.
- Risk Management
- Lead enterprise-wide risk assessments, threat modeling, and third-party/vendor risk programs.
- Maintain and continuously improve the risk register, aligning with corporate objectives and federal mandates.
- Ensure effective mitigation strategies are identified, implemented, and monitored.
- Compliance & Regulatory
- Oversee compliance with FedRAMP, NIST 800-53, ISO 27001, DoD IL2–IL5 requirements, and other relevant frameworks.
Ensure timely development and submission of required security documentation (e.g., OSCAL, SSPs, POA&Ms). - Partner with auditors, assessors, and government agencies during compliance reviews.
- Oversee compliance with FedRAMP, NIST 800-53, ISO 27001, DoD IL2–IL5 requirements, and other relevant frameworks.
- Security Controls & Evidence Management
- Drive the collection and maintenance of evidence to support audits and continuous monitoring.
- Ensure SBOM/VEX, software signing, and admission control policies meet regulatory standards.
- Oversee automation and tooling to streamline compliance workflows.
- Leadership & Collaboration
- Build and lead a high-performing GRC team.
- Collaborate with engineering and DevSecOps teams to align compliance with CI/CD pipelines.
- Foster a culture of accountability, awareness, and security-first thinking across the enterprise.
Qualifications
- ~15 years of progressive experience in Information Security and IT, with at least 10 years in risk and compliance leadership.
- Deep understanding of GRC frameworks, risk methodologies, and regulatory standards (NIST, FedRAMP, ISO, SOC, CMMC).
Demonstrated success leading enterprise risk and compliance programs in regulated industries (defense, federal, financial, or similar). - Strong background working with government security standards (IL2–IL5 environments).
- Experience with compliance automation tools, CI/CD pipeline integration, and modern security tooling.
- Proven ability to engage with senior executives, regulators, and auditors.
- Exceptional communication, leadership, and organizational skills.
- Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
- Relevant certifications strongly preferred (CISSP, CISM, CRISC, CISA, CCISO)
- TS/SCI a plus.
Salary Range: 200k-250k
The salary range provided reflects the estimated compensation for this role based on the expected qualifications and experience level. The final offer may vary depending on factors such as skills, experience, and alignment with role requirements.
Core Values & Expectations:
Impact
You take full ownership and accountability for your work, consistently seeing projects through from inception to completion with a strong bias for action. Proactively identifying challenges, you drive solutions rather than waiting for direction, and hold yourself and others to the highest standards for delivering results. With strategic thinking and a problem-solving mindset, you make informed decisions leveraging data and expertise, always looking for ways to improve processes, optimize workflows, and enhance outcomes beyond your immediate responsibilities.
Collaboration
You work seamlessly across teams, prioritizing shared goals and team success over individual credit. Engaged listening and open, candid communication are at the heart of your approach, ensuring alignment and synergy throughout the organization. You value diverse perspectives, seeking input from others to drive better results. By treating colleagues with respect and professionalism, you help build a culture of trust, supporting each other through challenges, celebrating successes, and constructively addressing conflicts to strengthen relationships and improve outcomes.
Passion for AI & Innovation
You are deeply excited about the transformative potential of AI and committed to contributing to a company shaping the future of work. With curiosity and a growth mindset, you continuously seek to learn, adapt, and stay at the forefront of new developments. Your enthusiasm for innovation drives you to explore new ideas, challenge the status quo, and find creative solutions that deliver meaningful impact. You approach your work with energy and a desire to advance both technology and the way we work.
Company Benefits
- Competitive Salary: Aligned with experience and market standards
Comprehensive Insurance: Health, dental, and vision coverage for you and your family
401(k) Plan: Build your financial future with our retirement savings plan - Flexible PTO & Hybrid Work: Take time off when needed and enjoy remote flexibility per company guidelines
- Growth & Development: Access professional learning opportunities and career advancement support
- Onsite Perks: Enjoy catered lunches, snacks, and a fully stocked kitchen
- Team Bonding: Company-sponsored happy hours and social events to connect and unwind