Manager, Technology Risk & Compliance

This role requires a hybrid schedule and will be based in our South Charlotte, NC Headquarters (Tuesday through Thursday) and work fully remotely on Mondays and Fridays each week.

Curious how Shared Services fits into Red Ventures? Click here. 

Red Ventures is hiring a Manager, Technology Risk & Compliance to drive risk management across our organization and influence meaningful change wherever risk is not tolerable. This leader will own the technology risk program across multiple lines of business, from identification and prioritization through remediation and reporting, while establishing trusted partnerships and ensuring compliance obligations are met with rigor and consistency. This is a risk reduction leadership role, not a compliance tracking function. This role includes direct people management responsibility, with a team that grows in scope over time.

What You’ll Do:

• Own the end-to-end technology risk lifecycle across all lines of business, including assessment, prioritization, remediation tracking, and executive reporting, ensuring every risk has a clear owner and is tracked to closure.


• Run the exception program, covering intake, review, approval routing, expiration tracking, and renewal governance, with no exceptions aging without an owner or a remediation commitment.


• Own the vendor and third-party risk assessment program, scoping and sequencing assessments based on exposure and business criticality, and embedding vendor risk review into onboarding and renewal cycles with Procurement and Legal.


• Drive compliance posture across PCI, SOC2, ISO 27001, and NYDFS. Maintain the full obligation calendar, direct the team on assessments and evidence collection, and ensure no regulatory deadline is a surprise.


• Eliminate the highest-friction manual GRC and compliance processes through tooling and workflow automation, targeting meaningful burden reduction within the first year.


• Serve as the security organization's primary interface to the business, building trusted relationships with BU leaders, Engineering, Finance, Legal, and Compliance, and translating risk into financial exposure, operational disruption, and regulatory consequence.


• Lead the organization's AI and emerging technology risk posture, advising on responsible usage, data handling, and access controls, and ensuring AI-related risks are assessed and tracked within the broader risk framework.


• This role includes direct people management responsibility, with a team that grows in scope over time. 

What We’re Looking For:

• Proven risk program ownership: Has built or significantly matured a technology risk lifecycle end-to-end.


• Multi-stakeholder risk communication: Translates technical risk into business impact for non-technical leaders across diverse business units.


• Automation-first mindset: Track record of eliminating manual GRC or security processes through tooling and workflow automation.


• Cross-functional partnership builder: Builds lasting relationships with Engineering, Finance, Legal, or BU leaders to drive risk accountability.


• Security architecture fluency: Understands secure design principles and can lead engineers doing design reviews and risk mitigation work.


• Operates independently: Sets direction, resolves blockers, and escalates only when a true decision is needed.


• AI and emerging tech risk awareness: Can assess and advise on risks from AI adoption, cloud architectures, and third-party integrations.


• People leader who develops talent: Actively grows the team toward greater scope and ownership.

Minimum Qualifications: 

• At least 7+ years of experience in cybersecurity, technology risk, or security operations.


• Demonstrated experience owning a technology risk program, not just contributing to one.


• Experience leading cross-functional risk assessments across multiple business units or technology domains.


• Strong understanding of risk and control frameworks including NIST, ISO 27001, and FAIR.


• Experience in regulated environments including SOC2, PCI, and NYDFS.


• Proven track record of automating manual security or GRC processes.


• Familiarity with AI and ML system risks and modern cloud and SaaS architectures.


• Strong stakeholder influence skills, with the ability to lead without authority.


• Experience managing technical and risk teams.

Preferred Qualifications: 

• Multi-business-unit or holding company experience, with familiarity operating in federated environments where risk priorities and technology stacks vary by business unit.


• Hands-on GRC platform experience with ServiceNow GRC, Archer, OneTrust, Drata, Vanta, or similar, including workflow automation and reporting configuration.


• Has designed a vendor risk assessment program from scratch, not just contributed to an existing one.


• Experience building risk dashboards or executive risk briefings that were used to drive business decisions.

Compensation: 

This range reflects total cash compensation, which may include base salary only or base salary plus target bonus, depending on the role. Where eligible, equity may also be offered separately and not included below. Actual compensation varies based on location, experience, and qualifications.

• Total Cash Compensation Range: $150,000 - $210,000 per year

Additionally, the following benefits are provided by Red Ventures, subject to eligibility requirements.

• Health Insurance Coverage (medical, dental, and vision)


• Life Insurance


• Short and Long-Term Disability Insurance


• Flexible Spending Accounts


• Holiday Pay


• 401(k) with match


• Employee Assistance Program


• Paid Parental Bonding Benefit Program


• Flexible Paid Time Off (PTO): We believe time to rest and recharge is essential.  That’s why we offer a generous and flexible PTO policy.  Full-time employees accrue 20 days of PTO for a full calendar year annually, with an increase to 25 days after five years of service.

Who We Are:

Red Ventures is a global portfolio of high-growth companies — spanning several U.S. businesses, a joint venture in the health services industry, and strategic investments in Europe. Their businesses include The Points Guy, Lonely Planet, Bankrate, the Allconnect Platform, RV Home Client Growth, RV Growth & Transformation, Sage Home Loans Corporation, and more. Across the portfolio, Red Ventures businesses deliver seamless digital experiences for consumers, help Fortune 100 clients solve large-scale digital growth challenges, and create world-class experiences and opportunities for employees. Learn more at redventures.com and follow @RedVentures on LinkedIn and Instagram.

At Red Ventures, we believe diverse, inclusive teams are better. To help you better understand our core values and beliefs, we encourage you to watch this brief YouTube video: Our Belief Statements. This will give you insight into the principles that guide our work and our commitment to fostering an inclusive environment.

Red Ventures is an equal opportunity employer that does not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or any other basis protected by law. Employment at Red Ventures is based solely on a person's merit and qualifications. 

We are committed to providing equal employment opportunities to qualified individuals with disabilities. This includes providing reasonable accommodation where appropriate. Should you require a reasonable accommodation to apply or participate in the job application or interview process, please contact [email protected]. 

If you are based in California, we encourage you to read this important information for California residents linked here.

At Red Ventures, we believe in real human connection. That’s why we do not hire someone through text, social media, or email only. As part of the hiring process, you should expect live conversations with RV teammates before any offer is made. Also, keep an eye on the sender: we only use official @redventures.com email addresses at the portfolio level or business specific email addresses (e.g., @thepointsguy.com), not ones like “redventurescareer.com.” We will never ask candidates to send money, buy equipment, or share financial account info during your journey with us. You can always find our open roles on redventures.com— if you receive a message that seems suspicious, please use redventures.com to verify the opportunity.

For more, the U.S. Federal Trade Commission has published helpful articles to help individuals learn more about protecting themselves from recruiter scams. If you think you’ve been targeted, feel free to report it to your local authorities. Stay safe out there!

#LI-LM2 #LI-HYBRID

Click here for more details regarding the employee privacy policy: https://www.redventures.com/legal/us-emp-privacy-notice

Questions about this Privacy Notice can be directed to [email protected]. Alternatively, you may raise any questions or concerns to your manager, HR Business Partner, or through the Privacy Team.