
BLACKMERE CASE STUDY:
Telecom Governance Risk & Compliance (GRC) Expert​
​
Client Overview:
Our client, a well-established telecom company, was rapidly expanding its information security initiatives to enhance data protection and regulatory compliance. As they developed a comprehensive security program, they aimed to establish a Governance, Risk, and Compliance (GRC) function from the ground up. With a focus on proactively addressing regulatory requirements and managing vendor risk, they needed a motivated and capable Information Security Analyst to take on this critical role.
​
Challenge:
The client needed a Senior Information Security Analyst with a GRC focus who could drive their compliance and risk management efforts with an entrepreneurial approach. This unique role would allow the new hire to establish the GRC program from scratch, creating the foundation for long-term success. The client looked for a candidate with:
-
3-5 years of GRC experience, encompassing areas like risk management, compliance, and security awareness.
-
Strong communication and collaboration skills for working effectively across all departments.
-
Familiarity with key compliance frameworks (SOC 1/2, ISO 27001, PCI-DSS) and experience in third-party risk management.
-
An industry certification such as CISA, CISM, or CISSP.
-
A proactive mindset to tackle immediate compliance needs, including an impending audit, while also establishing long-term GRC strategies.
This role offered the new hire the chance to build workflows, streamline internal processes, and shape the GRC toolkit from the ground up, providing a rare opportunity for someone eager to learn and grow in a fast-paced environment.
Solution:
With Blackmere Consulting’s expertise in GRC and information security recruitment, we identified and attracted a candidate ideally suited to the client’s needs. Understanding the client’s high expectations and vision for a scalable GRC program, we tailored our approach to find a candidate with both the skills and enthusiasm to make a meaningful impact in a high-stakes, growth-driven role.
Our approach included:
-
Targeted Search for Emerging GRC Talent: We focused on identifying candidates with solid GRC experience and a passion for growth. Candidates with experience across multiple GRC functions and an interest in building systems from the ground up were prioritized.
-
Emphasis on Learning and Mentorship: Recognizing the mentorship opportunity with the client’s Sr. Manager, we highlighted the chance to work closely with experienced leaders. This appealed to candidates driven by professional development and excited to gain hands-on experience in risk management, vendor assessments, and compliance.
-
Evaluation of Cultural and Technical Fit: Through detailed interviews, we assessed candidates’ technical knowledge, problem-solving capabilities, adaptability, and cultural fit. This included evaluating their ability to communicate and collaborate across teams, ensuring they could effectively engage with both internal and external stakeholders.
Result:
Blackmere successfully placed a high-potential Information Security Analyst who brought the technical knowledge, adaptability, and ownership mentality needed to establish the GRC function. This individual’s combination of proactive problem-solving, experience across multiple GRC domains, and alignment with the client’s vision enabled them to deliver immediate impact.
In their first months, the new hire:
-
Launched a third-party risk management program addressing and managing vendor risks.
-
Established security awareness programs to promote best practices within the organization, increasing overall security awareness.
-
Led preparations for a PCI compliance audit, demonstrating an immediate, hands-on approach to meet regulatory standards.
-
Streamlined workflows for compliance documentation, ensuring clarity and consistency across compliance efforts.
-
Contributed to the selection of a GRC tool, laying the foundation for scalable risk and compliance management.
Impact:
The candidate’s work allowed the client to quickly establish a strong GRC foundation, aligning with industry best practices and supporting sustainable growth. By collaborating closely with senior leadership and various stakeholders, the new hire established initial controls, documentation processes, and security awareness initiatives, positioning the client for ongoing success in their security and compliance objectives.
​
Key Takeaways:
-
Blackmere’s ability to identify a driven, adaptable candidate allowed the client to establish their GRC function effectively with a proactive professional prepared to shape the program.
-
Our focus on mentorship and growth opportunities attracted a candidate who thrived in the dynamic, learning-focused environment that the client provided.
-
Blackmere’s commitment to matching technical expertise and cultural alignment enabled a seamless fit, allowing the client to achieve immediate results in compliance while building a GRC function designed for long-term impact.
​
CASE PROFILE
Company:
A growing telecom company expanding its information security initiatives to enhance data protection and regulatory compliance.
Industry:
Telecommunications
Challenge
Finding a proactive GRC professional to build foundational programs, manage vendor risk, and address immediate compliance needs in a fast-paced, growth-driven environment.
Solution
Blackmere conducted a targeted search for adaptable GRC talent with technical expertise, mentorship potential, and the drive to build scalable compliance frameworks from scratch.
Impact
The new hire launched vendor risk management, security awareness programs, and audit preparation initiatives, creating a strong GRC foundation aligned with the client’s goals for sustainable growth and compliance excellence.
Client Testimonials:
CFO: "We just had the most amazing all-hands meeting here today... We are making such an impact. It’s mind-blowing. Thank you. Thank you. Thank you!"
​
COO: "You. Are. AMAZING!! You totally delivered a unicorn, and [candidate] is amazing. Well done!!"
Through strategic talent acquisition and confidential search processes, our firm played a critical role in strengthening our clients' cybersecurity capabilities, enabling them to navigate complex cyber threats and drive organizational success with confidence.
Interested in learning how Blackmere can transform your difficult-to-fill or high-profile roles? Learn more