Key Responsibilities:
Program Management:
Develop, implement and maintain a comprehensive cybersecurity compliance program, aligned to industry standards and regulations such as ISO 27001, NIST 800-171, NIST 800-53 and PCI DSS.
Oversee and manage the audit process associated with customer and federally regulated compliance programs, including coordinating with third-party assessors and internal stakeholders.
Report on the status of the compliance programs to senior management.
Conduct regular risk assessments and gap analysis to proactively identify and mitigate potential non-compliance matters and potential vulnerabilities.
Collaboration & Communication:
Partner with various stakeholders across the organization, including IT, Legal, Compliance, and business units.
Participate in audits and assessments.
Stay abreast of emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks.
Act as a subject matter expert and provide guidance to the organization on compliance-related matters.
People Management:
Lead, develop, and manage employees to achieve the organization’s roles, including recruiting, training, developing and performance management.
Ensure personnel are appropriately aligned to assigned projects and responsibilities based on skills and performance.