Director, Information Security Governance, Risk, & Compliance, Remote

An organisation is searching for a Director, Information Security Governance, Risk, please see some of their job details below.

Responsibilities: • Implements a compliance program for portfolio of internal/external audits & certifications, ensuring documented and sustainable compliance practices across the enterprise. • Implements compliance processes to automate and continuously monitor information security controls, exceptions, risks, testing, and evidence artifacts. Develops reporting metrics and dashboards. • Assists control owners in defining responsibilities and control standards for regulatory and compliance goals – including but not limited to the following audits and certifications: SOX IT, PCI, HIPAA, SOC1/2, FedRAMP, HITRUST, ISO 27001/27017/27018, HDS, ISMAP, DORA, NIS2, Cyber Essentials, etc. • Map and maintain common controls framework and control scope/applicability for portfolio of compliance initiatives and information security policies. • Assists in the establishment of an Information Security GRC Center of Excellence by providing audit and assurance services to support portfolio of compliance projects. Provide compliance subject matter expertise and advisory services to stakeholders / control owners. • Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities. Evaluate & report any security/compliance risks to track as part of the enterprise risk register. Consults on developing security standards, procedures, and controls to manage risks. • Gather requirements and lead implementation of a centralized GRC tool & audit/certification document repository to manage compliance program information across the enterprise. Work with business unit/product level compliance teams to drive and align to a shared enterprise compliance strategy and management approach/methodologies to ensure streamlined, lean, effective, and agile processes. • Provides dashboards and reports based on regular assessments and testing of effectiveness and efficiency of controls. • Manages and assists compliance staff in operational oversight of compliance program functions. • Consolidates audit/assessment vendor partners and manages third party relationships/contracts. Provide third party audit services to business units as needed. • Facilitates responses for corporate-level compliance related customer/partner/third party requests. • Practice Agile methodologies and promote/drive automation across all initiatives to promote a higher level of work quality and act as a model for others to emulate.

Qualifications: • Bachelors Degree in Computer Science or equivalent field of study • 10+ years of experience working with applicable information security management, governance, and compliance principles, practices, laws, rules and regulations • 10+ years of experience in Information systems auditing, monitoring, controlling, and assessment process • Proficiency in Risk assessment and management methodology • Proficiency working with recognized IT Security-related standards and technologies. • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals. This is a highly responsible position that requires both quantitative and interpersonal skills. • Demonstrated project management, organizational and facilitation skills. • Experience with business continuity planning, disaster recovery planning, auditing, and risk management, as well as contract and vendor negotiations. • Excellent communication and presentation skills. Demonstrated ability to serve as an effective member of the senior management team and ability to communicate security-related concepts to a broad range of technical and non-technical management and staff. • High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity. • CISSP and CISA/CISM certifications desired.

$151,800.00 – $282,000.00

Benefits:
• Medical, Dental, and Vision Insurance.
• Telehealth coverage
• Flexible work schedules and work from home opportunities
• Development and career growth opportunities
• Open Time Off in addition to 10 paid holidays
• 401(k) matching program
• Adoption Assistance
• Fertility treatments

#JPKR

#JPKR

Apply Job!