Senior Security Governance Manager
Yext (NYSE: YEXT) is the leading brand visibility platform, built for a world where discovery and engagement happen everywhere — across AI search, traditional search, social media, websites, and direct communications. Powered by over 2 billion trusted data points and a suite of integrated products, Yext provides brands the clarity, control, and confidence to perform across digital channels. From real-time insights to AI-driven recommendations and execution at scale, Yext turns a brand's digital presence into a competitive advantage, which is only possible through our team of innovators and enthusiastic collaborators. Join us and experience firsthand why we are consistently recognized as a ‘Best Place to Work’ globally by industry leaders such as Built In, Fortune, and Great Place To Work®!
We are seeking a highly motivated Senior Security Governance Manager to strengthen our cybersecurity program and ensure effective governance across key initiatives. This role will serve as a trusted advisor to the CISO, overseeing cybersecurity risk management, developing control & prioritization frameworks, and creating metrics that measure program maturity, risk assessment/reduction, and business alignment. The ideal candidate is a strategic thinker who can balance governance discipline with business agility, ensuring that security investments deliver measurable outcomes.
What You'll Do
Program Oversight & Governance
● Oversee the execution of cybersecurity initiatives, ensuring alignment with business objectives, compliance obligations, and risk management priorities.
● Develop and maintain a comprehensive security governance framework aligned with industry standards (NIST CSF 2.0, ISO/IEC 27001, or SOC 2).
● Manage the Threat Management program, which assesses, identifies, quantifies, and prioritizes risk reduction.
● Maintain an up-to-date catalog of cybersecurity projects and initiatives, tracking progress, risks, and dependencies to ensure effective management and oversight. Build and facilitate governance channels, such as Risk advisories/meetings, to provide visibility, accountability, and decision-making support.
● Author and enforce technical security policies that are practical, enforceable, and aligned with legal requirements (GDPR, CCPA, etc.).
● Maintain the existing working group meetings to identify new risks, track remediation progress, and manage the threat register.
Prioritization & Strategic Alignment
● Develop and maintain a cybersecurity control & project prioritization framework based on business risk, regulatory requirements, and resource capacity.
● Conduct technical risk assessments of cloud environments, third-party vendors, and internal systems to identify vulnerabilities and mandate remediation.
● Partner with security leaders, IT, Internal Audit, Engineering, and business stakeholders to recommend the sequencing of initiatives that maximize impact.
● Provide the CISO with clear recommendations on project trade-offs and resource allocation before executing projects. These outcomes should be based on outstanding risk to the business.
Metrics & Reporting
● Define and track key performance indicators (KPIs) and key risk indicators (KRIs) to measure the effectiveness of security programs and identify areas for improvement.
● Build executive-level dashboards and reports that translate technical program data into business-relevant insights.
● Support board and executive reporting by providing crisp, data-driven updates on program status and risk posture.
Risk & Compliance Alignment
● Ensure that security initiatives support compliance requirements, as applicable, by partnering with the Security Assurance & Finance team.
● Collaborate with Enterprise Risk Management and Internal Audit teams to maintain alignment between cybersecurity program maturity and business outcomes.
● Act as a bridge between technical teams and senior management, ensuring clear communication of priorities, risks, and progress.
● Influence and educate stakeholders on cybersecurity governance principles and the business value of security investments.
● Mentor team members and foster a culture of accountability and continuous improvement.
What You'll Have
● Proven track record in program management or governance within a security or risk context.
● Strong understanding of cybersecurity frameworks (e.g., NIST CSF, ISO 27001, CIS Controls).
● Experience creating executive-level metrics and dashboards.
● Excellent communication and presentation skills, with the ability to convey technical concepts in business terms.
● Prior experience working in a CISO office or security governance function.
● Familiarity with regulatory and compliance standards across multiple industries.
● Project management certification (PMP, PRINCE2, or similar) or governance certifications (CGEIT, CRISC, CISM).
#LI-JB2
Pay ranges at Yext are established based on an analysis of salaries for positions with a similar level of accountability and impact in the relevant labor market. Salary levels are expected to change to reflect an employee’s job performance (results and impact) over time. Salaries at the time of hire are typically offered in the lower to middle of the above-referenced range in order to provide the opportunity to reflect performance-based increases over time. In addition to base salaries, employees at Yext are typically eligible for a comprehensive package of benefits including medical, dental and vision benefits; life insurance; short term and long-term disability; 401(k) retirement plan; and vacation and sick leave. Successful candidates may also be eligible for equity (stock) based compensation and/or variable pay programs based on performance relative to goals and targets.
Annual Base Pay Range
$136,800 - $228,000 USD
Yext is an equal opportunity employer committed to building a results-driven, engaging culture where every employee has the opportunity to contribute to the success of the Company, perform at the highest possible level, and grow their skills and capabilities. Yext welcomes employees and applicants of all backgrounds and demographics, and does not engage in discrimination on the basis of any protected characteristic recognized under applicable law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. The Company believes a broad variety of life experiences across the Yext team is critical to its mission to help every business in the world be visible everywhere customers search. By seeking out fresh perspectives and fostering a positive interview experience and employee experience, Yext can remain at the forefront of innovation, and better serve its customers.
It is Yext’s policy to provide reasonable accommodations to people with disabilities as required by applicable law. If you have a disability that requires an accommodation in completing this application, interviewing, or participating in the employee selection process, please complete this form.
Security Alert
All legitimate Yext communications come from @yext.com email addresses. Messages from other domains (for example, @yext.team) are not authorized and are likely fraudulent. If you receive a message that seems suspicious, do not share personal information, click on links, or provide payment. Instead, please report the communication to security@yext.com.
Create a Job Alert
Interested in building your career at Yext? Get future opportunities sent straight to your email.
Apply for this job
*
indicates a required field