Senior Director, Security Governance

Job Description: Senior Director of Security Governance, Risk and Compliance (Ireland)

Location: Ireland (Dublin or Remote)

Reporting to:  Chief Information Security Officer

Job Summary:

ZoomInfo is seeking a strategic and action-oriented Senior Director of Security GRC to mature our enterprise-wide governance, risk, and compliance function. Reporting to the CISO, you have a vision for how AI will be used to transform the GRC function at ZoomInfo, and the skills to execute your vision.  You will also define the guardrails for safe AI innovation, balancing risk mitigation with speed of innovation. You will build and lead a high-performing team based in the US and India to secure our digital growth, manage third-party risk, and simplify audit readiness, ensuring security is a competitive advantage rather than a barrier.  You are also a strong and active contributor who is comfortable as a player-coach, getting into the details alongside your team.

What You’ll Do:

• GRC Strategy & Leadership: Define and execute a GRC roadmap, leading governance, risk, and compliance programs.
• Risk Management: Design and maintain the enterprise risk register, partnering with business leaders to identify, quantify, and mitigate risks.
• Continuous Compliance & Audit: Manage compliance with frameworks (ISO 42001,ISO 27001, ISO 27701, ISO 27017, and SOC2, and CIS Controls) and drive continuous compliance rather than just annual audits.
• Third-Party Risk (TPRM): Build and manage a right-sized vendor risk program, assessing vendor maturity and reviewing security contracts.
• Security Sales Support: Enable ZoomInfo transaction velocity and ensure customer service by building customer trust and rapidly responding to inquiries 
• Automation & Reporting: Leverage Agentic AI and GRC platforms (ServiceNow GRC, Vanta, and others) to automate processes, generate metrics, and deliver executive dashboards.
• Cross-Functional Influence: Act as the key liaison between Security, Legal, Product, and executive leadership to align risk posture with business objectives.

What You Bring:

• Experience: 10+ years in info security/GRC, including 5+ years in a senior leadership role.
• Expertise: Deep knowledge of risk frameworks (NIST AI RMF) and security compliance standards (ISO, SOC 2).
• Actionable Leadership: Proven track record of scaling security teams, maturing programs, and building "security-by-design" cultures.
• Executive Presence: Ability to translate complex technical risks into business-relevant context for executive leadership and customers
• Education: Bachelor’s degree in a relevant field (Master’s/PhD preferred).
• Certifications: CISSP, CISM, CRISC, or CISA strongly preferred.

#LI-AP3

#LI-Remote