VP Cyber Governance Risk & Compliance
Company: Fin'l Services General, Alpharetta, GA
Posted on: March 19, 2019
The Vice President of Cyber Governance, Risk & Compliance will be responsible for the strategy and execution of the Cyber GRC program functions, which include Cyber Governance, Cyber Assurance, Cyber Risk Management and other GRC-related activities. The role is also accountable for identifying, evaluating, managing and reporting cyber risks in ways that comply with regulatory requirements while enabling business objectives. This requires proactive collaboration with multiple stakeholder teams across COMPANY to ensure alignment and practical application of defined IT policies and standards.
Responsibilities include, but are not limited to:
• Define, implement and manage COMPANY’s Cyber GRC program strategy and maturity roadmap
• Establish and maintain an Information Security controls baseline and IT controls maturity framework
• Lead company-wide security training and awareness program
• Communicate and ensure Technology GRC programs are compliant with applicable laws, regulations, policies, standards and other legal requirements
• Coordinate with key stakeholders to facilitate Cyber risk analysis and risk management processes; establish acceptable levels of risk; and establish clear roles and responsibilities regarding data classification and protection activities
• Serve as subject matter expert to internal business and IT partners on a range of compliance standards as influenced by regulatory mandates (e.g. GLBA, SOX 404, HIPAA, data privacy regulations, etc.), including litigation support as needed, and industry best practices (e.g. NIST, ITIL, COBIT, ISO 27001)
• Identify and establish process improvements, automation and innovation opportunities to simplify, standardize and improve compliance
• Participate in key IT and Information Security initiatives as a Subject Matter Expert to ensure alignment with strategies and roadmap
• Serve as Subject Matter Expert and First Line Risk partner to internal and external business & technology teams and articulate risks in business context
• Stay current on market developments to identify emerging security technologies, risks and trends to ensure that COMPANY computing environment keeps pace with security technology and risk landscape evolution
Qualifications
Required Qualifications of the Vice President, Information Security Governance, Risk & Compliance:
• 15+ years of experience in information security, technology risk management, privacy and/or compliance, with significant experience in IT and Information Security control standards and processes
• 10+ years of talent management experience that includes overseeing direct reports
• Proven experience and success with managing IT and/or Information Security risk functions.
• Proven project management and organizational skills, specifically managing multiple, concurrent projects.
• Demonstrated technical abilities across a broad range of technologies: Windows, Linux, databases (Oracle, MySQL, etc.), firewalls, routers, mobile devices, virtualization and cloud computing.
• Knowledgeable about information security risk, governance, and control frameworks such as NIST, COBIT, ISO/IEC 27000 series, and PCI DSS.
• Demonstrated experience with multiple IT domains
Preferred Qualifications of the Vice President, Information Security Governance, Risk & Compliance:
• CISSP, GIAC GCIA and GIAC GCIH certifications desired
• Bachelor's or Master's Degree in Information Systems, Computer Science or related discipline is highly desired
• Previous experience in financial services industry