Assoc Director Security Risk Management

United States
Full Time
Posted 3 days ago

Key Responsibilities:

  • Program Management:

    • Develop, implement and maintain a comprehensive cybersecurity compliance program, aligned to industry standards and regulations such as ISO 27001, NIST 800-171, NIST 800-53, and PCI DSS.

    • Oversee and manage the audit process associated with customer and federally regulated compliance programs, including coordinating with third-party assessors and internal stakeholders.

    • Report on the status of the compliance programs to senior management.

    • Conduct regular risk assessments and gap analyses to proactively identify and mitigate potential non-compliance matters and potential vulnerabilities.

  • Collaboration & Communication:

    • Partner with various stakeholders across the organization, including IT, Legal, Compliance, and business units.

    • Participate in audits and assessments.

    • Stay abreast of emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks.

    • Act as a subject matter expert and provide guidance to the organization on compliance-related matters.

  • People Management:

    • Lead, develop, and manage employees to achieve the organization’s roles, including recruiting, training, developing and performance management.

    • Ensure personnel are appropriately aligned to assigned projects and responsibilities based on skills and performance.