Director of Governance, Risk & Compliance (GRC) (Volunteer)

Mentor A Promise is a New York City–based nonprofit serving children and youth (ages 5–18) experiencing housing instability, grounded in the belief that every child is a Promise—full of potential, dignity, and possibility. We deliver consistent, high-quality programming across mentorship, literacy, social-emotional learning, and creative expression in shelters, schools, and community spaces, creating structured environments where students can grow, be seen, and build lasting skills. Through signature experiences like The Imagination Studio, The Kitchen Table, The Sound Lab, and The Story Space, we nurture academic development, emotional well-being, and creative voice, all within a trauma-informed, culturally responsive, and accessibility-centered framework. Our work prioritizes dignity-protective storytelling, consent-driven engagement, and deep community partnership, ensuring that how we serve is as intentional as whom we serve. We are not only addressing immediate needs - we are building pathways to confidence, belonging, and long-term opportunity, so every child has the support and foundation to carry their promise forward.,Director of Governance, Risk & Compliance (GRC) (Volunteer)PromiseShield | Security Governance, Risk Management & ComplianceOrganization Mentor A Promise (MAP)Division PromiseShieldLocation Remote / Hybrid (NYC Collaboration as Needed)Type Volunteer Leadership RoleReports To Chief Security Officer / Chief of Digital Governance & InfrastructureWorks Closely With Chief Security Officer, Chief of Digital Governance & Infrastructure, PromiseShield Privacy & Security Teams, Legal & Governance Leadership, PromisePeople, and Executive LeadershipAbout Mentor A PromiseMentor A Promise (MAP) is a New York City–based nonprofit dedicated to supporting children and youth ages 5–18 experiencing housing instability through mentorship, literacy, social-emotional learning, educational enrichment, and creative opportunity.As MAP continues to grow across programs, partnerships, and technology environments, maintaining strong governance, responsible risk oversight, and accountable security systems becomes increasingly essential to protecting both mission and community.At MAP, resilience is built through responsibility.Strong governance helps support strong and trusted organizations.About PromiseShield | Security, Privacy & Organizational ProtectionPromiseShield is MAP’s division responsible for cybersecurity, privacy, safeguarding, digital governance, and institutional protection.The division works to ensure that MAP’s systems, policies, and operational practices remainSecureEthicalResilientAccessibleMission-alignedPromiseShield helps create systems where accountability, protection, and responsible innovation can grow together.Role OverviewMentor A Promise is seeking a strategic and systems-minded Director of Governance, Risk & Compliance (GRC) to help lead MAP’s cybersecurity governance, institutional risk oversight, and compliance practices.This leadership role helps translate cybersecurity from technical activity into organizational accountability through the development ofGovernance frameworksRisk management systemsSecurity policiesInternal controlsDocumentation standardsCompliance and oversight practicesWorking collaboratively across technology, privacy, legal, HR, and executive leadership, this role helps ensure that MAP’s cybersecurity and protection practices remainDocumentedMeasurableSustainableAccountableMission-centeredThis is a security governance and institutional risk leadership role focused on accountability, oversight, and long-term resilience.Core ResponsibilitiesSecurity Governance & Policy DevelopmentDevelop and supportCybersecurity governance frameworksSecurity policies and proceduresGovernance standards and documentationInstitutional protection guidelinesOrganizational accountability systemsHelp ensure cybersecurity remains embedded within MAP’s operational and leadership structures.Risk Management & AssessmentCoordinate and supportCybersecurity risk assessmentsOperational risk identificationThreat and vulnerability awarenessOrganizational risk documentationRisk evaluation and prioritizationMaintain and strengthen structured approaches to institutional risk oversight.Risk Registers & Internal ControlsHelp develop and maintainOrganizational risk registersRisk tracking systemsInternal security controlsGovernance documentationAccountability and control frameworksSupport transparent and measurable risk management practices.Compliance & Security OversightSupportCompliance trackingSecurity audit preparationPolicy review cyclesGovernance reportingSecurity standards documentationOversight and accountability systemsHelp ensure MAP maintains responsible and sustainable security practices.Vendor & Third-Party Risk ReviewAssist with evaluation and oversight involvingTechnology vendorsThird-party servicesPlatform security considerationsOrganizational dependency risksVendor-related security concernsSupport thoughtful and risk-aware technology decision-making.Cross-Functional Governance CollaborationCollaborate closely withChief Security OfficerPromiseShield Privacy & Security TeamsLegal & Governance LeadershipPromisePeopleExecutive LeadershipPartner with leadership teams to help align governance, privacy, security, and institutional accountability.QualificationsWe welcome applicants from diverse professional and technical backgrounds.Helpful experience may includeCybersecurity governanceRisk managementComplianceIT auditSecurity policyLegal or regulatory environmentsGovernance frameworksInstitutional oversightStrong candidates often demonstrateStrategic and analytical thinkingPolicy and documentation skillsStrong communicationCollaboration and leadershipOrganizational awarenessEthical judgment and discretionExperience involvingRisk assessment methodologiesGovernance frameworksCompliance processesCross-functional leadershipTechnology or institutional governanceis highly valued.Why This Role MattersStrong cybersecurity depends on more than technology.It requiresGovernanceAccountabilityDocumentationThoughtful risk managementThe Director of Governance, Risk & Compliance helps ensure that MAP’s security program remains sustainable, measurable, and institutionally resilient.Protection is strengthened when accountability becomes part of culture.CommitmentVolunteer leadership roleApproximately 5–10 hours per weekMinimum 6-month Commitment RequiredRemote / hybrid collaborationUS-based volunteers onlyResponsive communication through MAP systems48-hour communication expectationParticipation in MAP onboarding, safeguarding, and organizational orientation processesWhat You’ll GainLeadership experience in cybersecurity governance and institutional risk managementOpportunity to help shape organizational policy and accountability systemsCross-functional collaboration with technology, privacy, legal, and executive teamsMeaningful impact strengthening systems supporting children and families experiencing housing instabilityProfessional references and letters of recommendationHow to ApplyInterested candidates should apply directly through Idealist and submitResumeBrief statement of interestRelevant governance, compliance, or cybersecurity experiencePlease share experience involvingGovernance or policy developmentRisk managementCompliance or audit workSecurity oversightInstitutional or technology governanceHelp strengthen trust, accountability, and digital resilience through PromiseShield.Because strong protection begins with responsible governance.This role holds the pieces together.From research to outreach to execution—help ensure every protection system is governed before it is scaled.Thank you for your interest in volunteering with our organization. At this time, volunteer opportunities are limited to individuals based in the United States due to legal, safeguarding, data-privacy, and programmatic requirements. We appreciate your interest in our mission and your understanding of these constraints.