Director, Compliance and Business Office

About The Position

Requirements

• Bachelors Degree in Information Security, Risk / IT Management, Computer Science, Computer Engineering, related field, or commensurate experience
• Minimum 10-12 years of experience in governance, risk, or compliance
• Experience in leading a team
• Strong analytical skills, business intelligence, effective communication, interpersonal skills, organizational intelligence, relationship management, the ability to make meaningful decisions based on sound judgement
• The ability to work effectively with a variety of roles from Executive Management to Analysts
• Strong understanding of risk management programs and their interactions with internal and external stakeholders

Nice To Haves

• Certifications such as CISA, CISM, CRISC, CISSP are preferred
• Knowledge of national and international regulatory and compliance frameworks such as NIST Cybersecurity Framework, ISO 27001, EU DPD, HIPAA/HITECH
• Experience in medical device or life sciences industries, or other highly regulated environments

Responsibilities

• Oversee and lead both operational excellence and improvements in existing programs and tailored compliance assessments (PCI, SOx, SWIFT, ISO27001). These programs and processes must drive to timely remediation of any improvements noted via process, leadership dashboards, and other mechanisms.
• Design and direct robust processes to drive additions to second line of defense and oversight mechanisms for controls via new GRC functionality, including implementation of: Control attestations Testing procedures Indicators Automation of controls oversight
• Serve as audit liaison to various internal and external audit stakeholder groups, helping support the teams in understanding the complex business environment.
• Provide subject matter expertise and assistance to stakeholders, advising on the most effective and efficient controls application strategy
• Effectively communicate risk-related concepts to stakeholders, with the ability to simplify the complex.
• Attract and retain talent, and ensure staff development (leadership, cross-functional, technical, global perspective).
• Manage an operating budget and project spend with financial discipline.
• Establish and maintain a resource model that can flex as needed to support controls testing rollouts and/or special initiatives.
• Build and maintain relationships necessary for the successful execution of the cybersecurity controls, compliance, and oversight program.
• Drive and oversee cyber project governance and portfolio management, ensuring alignment with strategic objectives, resource optimization, and adherence to standardized methodologies across all initiatives.
• Manage business operations and financial oversight, including budgeting, forecasting, vendor management, and performance reporting to support organizational efficiency across the cyber organization.

Benefits

• The base pay for this position is $149,300.00 – $298,700.00