Executive Director, Cybersecurity Strategy, Governance, & Engagement

About The Position

Requirements

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Business Administration, Communications, or related field, or equivalent experience - Required
• 10+ years’ relevant technology and business experience - Required
• Minimum 5-7 years of progressive experience in cybersecurity, information security, or IT risk management - Required
• Demonstrated experience developing and implementing cybersecurity metrics, KPIs, and reporting frameworks - Required
• Proven experience developing, executing, and maturing cybersecurity strategies and roadmaps aligned to enterprise business objectives - Required
• Proven track record of designing and delivering cybersecurity training and awareness programs - Required
• Experience creating executive-level presentations and communicating technical concepts to non-technical audiences - Required
• Strong analytical skills with experience collecting, analyzing, and visualizing security data - Required
• Hands-on experience with security tools, technologies, and frameworks (NIST CSF, ISO 27001, CIS Controls) - Required
• Experience managing projects and coordinating cross-functional initiatives - Required

Nice To Haves

• Post-graduate or professional qualification in related field - Preferred
• Relevant industry certifications such as CISSP, CISM, CRISC, Security+, or similar - Preferred
• Training or instructional design certifications (e.g., CPTD, ATD certification) - Preferred
• Experience in a regulated industry (financial services, insurance, government, etc.) - Preferred
• Background in strategy, governance, risk management, or compliance functions - Preferred
• Proficiency with data management, data visualization, and business intelligence tools (e.g., Power BI, Snowflake, Alteryx) - Preferred
• Experience with learning management systems (LMS) and security awareness platforms (e.g., KnowBe4, Proofpoint, SANS Security Awareness) - Preferred
• Experience conducting phishing simulations - Preferred
• Knowledge of adult learning principles and instructional design methodologies - Preferred
• Prior experience managing vendor relationships and procurement processes - Preferred
• Demonstrated success in driving cultural change and influencing behavior across organizations - Preferred
• Experience with Governance, Risk, and Compliance (GRC) platforms - Preferred

Responsibilities

• Cybersecurity Governance, Strategy & Planning Partner with the VP, Cybersecurity Strategy, Governance, and Oversight to define, evolve, and maintain the enterprise cybersecurity strategy and multi‑year roadmap
• Translate cybersecurity strategy into strategic objectives, key results, initiatives, investment priorities, and governance expectations
• Establish and maintain cybersecurity governance frameworks, including decision rights, accountability, and escalation paths
• Partner with security teams to define and contribute to cybersecurity requirements that guide and shape execution across security and technology workstreams
• Ensure cybersecurity strategy is clearly documented and communicated across technical, executive, and board‑level audiences
• Provide oversight and transparency through consistent reporting on strategy execution and progress against the roadmap
• Cybersecurity Metrics & Reporting Design, implement, and maintain a comprehensive cybersecurity key risk and key performance indicator framework
• Develop executive dashboards, scorecards, and regular reporting packages that communicate security posture, trends, and program effectiveness to technical and non-technical stakeholders
• Collect, analyze, and synthesize data from multiple security tools and sources to identify patterns, gaps, and opportunities for improvement
• Establish baseline measurements and track progress against cybersecurity program goals and regulatory compliance requirements
• Collaborate with security operations, architecture, engineering, risk management, and compliance teams to ensure metrics accurately reflect security outcomes
• Lead the development of executive presentations on cybersecurity program performance
• Cybersecurity Engagement Develop and execute a cybersecurity awareness and training strategy tailored to different audiences, roles, and risk profiles
• Identify opportunities for engaging training content, including e-learning modules, workshops, simulations, phishing campaigns, and microlearning materials
• Collaborate with cross-functional learning teams to implement organization-wide security awareness campaigns utilizing multiple channels (e.g., email, intranet, videos, posters, events)
• Establish metrics to measure training effectiveness, behavior change, and cultural adoption of security best practices
• Partner with Human Resources, Internal Communications, and business units to integrate security awareness into onboarding, role changes, and ongoing professional development
• Oversee and coordinate security outreach initiatives such as Cybersecurity Awareness Month activities, Security Communications initiatives, lunch-and-learns, and executive briefings
• Stay current with emerging threats and attack trends to ensure training content remains relevant and timely
• Cross-Functional Leadership Collaborate with security leadership and domain subject matter experts to align metrics and training initiatives with overall cybersecurity strategy
• Build relationships across IT, Legal, Compliance, Risk Management, and business stakeholders
• Manage vendor relationships related to training platforms, awareness tools, and reporting solutions

Benefits

• Gain valuable knowledge from and experience with diverse, caring colleagues around the world.
• Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.
• Join the bright and creative minds of RGA, and experience vast, endless career potential.
• RGA also maintains a full range of health, retirement, and other employee benefits.