The Manager of Governance, Risk and Compliance (GRC) plays a critical mid-level leadership role within the Information Security function, responsible for translating strategy into operational execution across the GRC program. Reporting to the Director of GRC, this role provides daily oversight of analysts and leads, drives process maturity, and ensures consistent delivery of risk, audit, policy, and continuity efforts. The Manager of GRC helps shape the enterprise’s risk posture while mentoring a high-performing team and fostering cross-functional collaboration. This role requires a deep understanding of regulatory frameworks and an ability to communicate complex risk concepts in clear, actionable terms. The ideal candidate will proactively identify control gaps, coordinate effective mitigation, and ensure security efforts remain aligned with evolving business needs.
Enterprise Cyber Risk Management:
Management & Collaboration:
Oversee GRC team operations, assigning work, setting priorities, and ensuring effective collaboration.
Foster a high-performing, collaborative team culture through coaching, accountability, and career development.
Business Continuity and Disaster Recovery (BC/DR):
Managed Security Service Provider (MSSP) and Third-Party Security Incidents:
Own vendor incident response governance program and playbooks.
Ensure vendors provide formal evidence of incident containment and remediation and ensure compliance with security requirements before closing a third incident.
Consolidate third party incident and GRC-owned MSSP results into executive dashboards.
Embed incident response obligations into contracts and procurement.
Establish metrics to evaluate the success of training initiatives, including trends in knowledge retention, behavior changes, and overall effectiveness of the security culture.
-
8+ years in security governance, risk, or compliance roles.
-
Demonstrated success in leading cross-functional projects.
-
Deep understanding of controls, audits, and frameworks.
-
Maintain relevant certifications such as CISM, CISSP, or CISA.
-
Communicate effectively with technical and non-technical stakeholders.
-
Resolve conflicts and drive consensus across teams.
-
Provided leadership and oversight for a cybersecurity team of 3+ members
-
Mentor team members and model professional behavior.
-
Bachelor's degree in Information Systems, Cybersecurity or related field required; Master's preferred.
-
Target Pay Range: $115,000 – $167,500 annually
This position has a target starting salary range of $115,000 – $167,500 annually. Actual pay is determined by a variety of factors, including but not limited to, qualifications, education, job-related skills, relevant experience, and geographic location.
#LI-JL2
You will enjoy competitive wages, flexible hours, and an associate discount. Burlington’s benefits package includes medical, dental and vision coverage including life and disability insurance. Full-time associates are also eligible for paid time off, paid holidays and a 401(k) plan.
We are a rapidly growing brand and provide a variety of training and development opportunities so our associates can grow with us. Our teams work hard and have fun together! Burlington associates make a difference in the lives of customers, colleagues, and the communities where we live and work every day. Burlington Stores, Inc. is an equal opportunity employer committed to workplace diversity
Individual pay decisions will be based on a variety of factors, such as but not limited to, qualifications, education, job-related skills, relevant experience, and geographic location.