Head of GRC Technology

FactSet creates flexible, open data and software solutions for over 200,000 investment professionals worldwide, providing instant access to financial data and analytics that investors use to make crucial decisions.  

At FactSet, our values are the foundation of everything we do. They express how we act and operate, serve as a compass in our decision-making, and play a big role in how we treat each other, our clients, and our communities. We believe that the best ideas can come from anyone, anywhere, at any time, and that curiosity is the key to anticipating our clients' needs and exceeding their expectations.  

Your Team's Impact

The Information Security team at FactSet drives cybersecurity governance, risk, and compliance across the Technology organization. The team is responsible for ensuring that technology systems, infrastructure, and projects are effectively managed and optimized to meet regulatory requirements. This includes promoting cross-functional collaboration, managing the lifecycle of technology initiatives, and ensuring compliance and risk management within technology operations. 

We are seeking an experienced, proactive leader with deep technical knowledge and exceptional analytical skills who can collaborate with key stakeholders and manage technological risk across the organization. The successful candidate will work with IT, compliance, and security teams to develop audit frameworks, assess risks, and drive actionable recommendations for continuous improvement. Responsibilities will include partnering on internal and external audits, preparing reports for senior management, and providing strategic guidance to ensure FactSet's technology practices align with regulatory standards. This critical role will be instrumental in upholding FactSet's commitment to operational excellence and risk management. 
 

The Head of GRC Technology in Technology Risk Management, will be responsible for designing and implementing the GRC solutions, develop workflows for controls, issue management, risk assessments, audits, identifying technology-related risks, evaluating IT General Controls, and providing strategic recommendations to strengthen our IT framework. This role involves supporting both external and internal technology audits by assessing the security, and compliance of our IT systems, policies, and procedures. This is a critical role for ensuring our organization meets regulatory requirements and maintains high standards in cyber security and operational effectiveness. 

What You'II Do

• Deploy and implement next generation GRC solution.

• Hands-on experience implementing AuditBoard or equivalent.

• Build and management process for risk assessment, issue management, audit management, ITRM, TPRM.

• Support and oversee comprehensive technology audits, including assessments of IT General controls across the environment. 

• Collaborate with external auditors to coordinate and support annual technology audits, ensuring audit requirements and timelines are met.

• Identify, assess, and prioritize technology-related risks across the organization, with a focus on cybersecurity, data protection, and operational resilience. 

• Review and evaluate the design and effectiveness of IT General Controls, recommending improvements as necessary. 

• Ensure IT processes, systems, and controls align with regulatory requirements (e.g., SOX, GDPR, DORA) and industry standards (e.g., ISO 27001, NIST). 

• Support compliance teams in responding to internal and external audits and inquiries regarding IT systems and data management practices. 

• Partner with IT, security, and compliance teams to provide insights on risk mitigation strategies, control enhancements and findings remediation. 

• Communicate audit findings and recommendations to senior management and key stakeholders, helping to shape a culture of continuous improvement and risk awareness. 

• Oversee the preparation of audit reports, including executive summaries, findings, and actionable recommendations for improvement. 

• Monitor industry trends, regulatory changes, and emerging risks to refine and enhance audit methodologies and best practices. 

• Implement automated audit tools and data analytics to improve audit efficiency, coverage, and accuracy.

• Excellent communication and interpersonal skills, with the ability to collaborate effectively across functions and levels. 

What We're Looking For

• Bachelor's degree in information technology, Computer Science, Accounting, or a related field. Master's degree is preferred. 

• 12+ years of experience in technology, security and risk management

• Strong knowledge of IT risk assessment, IT General Controls, NIST framework, and other compliance frameworks. 

• Expertise in implementing and management of GRC tools. (Must have)

• Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) are strongly preferred.

What's In It For You 

• At FactSet, our people are our greatest asset, and our culture is our biggest competitive advantage. Being a FactSetter means: 

• The opportunity to join an S&P 500 company with over 45 years of sustainable growth powered by the entrepreneurial spirit of a start-up.

• Support for your total well-being. This includes health, life, and disability insurance, as well as retirement savings plans and a discounted employee stock purchase program, plus paid time off for holidays, family leave, and company-wide wellness days.  

• Flexible work accommodations. We value work/life harmony and offer our employees a range of accommodations to help them achieve success both at work and in their personal lives. 

• A global community dedicated to volunteerism and sustainability, where collaboration is always encouraged, and individuality drives solutions. 

• Career progression planning with dedicated time each month for learning and development. 

• Business Resource Groups open to all employees that serve as a catalyst for connection, growth, and belonging. 

• Learn more about our benefits here. 
   

  Salary is just one component of our compensation package and is based on several factors including but not limited to education, work experience, and certifications. 

Company Overview: 

FactSet (NYSE:FDS | NASDAQ:FDS) helps the financial community to see more, think bigger, and work better. Our digital platform and enterprise solutions deliver financial data, analytics, and open technology to more than 8,200 global clients, including over 200,000 individual users. Clients across the buy-side and sell-side, as well as wealth managers, private equity firms, and corporations, achieve more every day with our comprehensive and connected content, flexible next-generation workflow solutions, and client-centric specialized support. As a member of the S&P 500, we are committed to sustainable growth and have been recognized among the Best Places to Work in 2023 by Glassdoor as a Glassdoor Employees' Choice Award winner. Learn more at  and follow us on X and LinkedIn. 

At FactSet, we celebrate difference of thought, experience, and perspective. Qualified applicants will be considered for employment without regard to characteristics protected by law.