Global Cybersecurity GRC Manager (King Of Prussia, PA, US, 19406)

About The Position

Requirements

• This position requires keen external focus and avid learning given the rapid pace of change globally.
• Resourcefulness, good judgment, persistence, the ability to influence others and strong executive presence are some of the qualities of a successful candidate.
• Experience working with a diverse set of stakeholders across complex and diverse organizational structures.
• Prior managerial experience leading security or compliance teams is required.
• Bachelor's degree in Computer Science, Information Systems, Cyber Security or Information Technology.
• Experience working with a diverse set of stakeholders, including international across complex and diverse organizational structures.
• Experience using various frameworks such as NIST, ISO/IEC 27000, NERC-CIP, FAIR, CSA, COBIT, COSO, OCTAVE, PCI 27000 series, ITIL, COBIT.

Nice To Haves

• Experience in energy, financial or other regulated industries is preferred.
• Master's Degree (Preferred): in Cybersecurity, Risk Management or Business Administration (MBA) with a Cyber or Risk focus can provide a deeper understanding of strategic management and leadership.
• One or more Industry-standard security certifications (such as CISSP, CISM, CISA, CRISC) is preferred.
• Experience in energy, financial or other regulated industries.
• Prior managerial experience leading security or compliance teams is a plus.

Responsibilities

• Govern the global information security program to ensure adequate controls are in place to protect the confidentiality, integrity and availability of information owned, controlled or processed by the Company via company policies and standards.
• Manage a global security compliance program based on UGI standards, industry standards, applicable regulatory and compliance requirements (e.g., FISMA, PCI, SOX, GDPR, CCPA,PUC, etc.).
• Accountable for reporting out the cybersecurity compliance of the company through monthly metrics.
• Advise the CISO on emerging risks and trends developing within the company from metrics and security exceptions and other forms of communications
• Accountable for tracking all third-party breaches and remediations that are not directly supported by UGI's technology team.
• Oversee technical assessments and processes of the effectiveness and design of cybersecurity controls, including, application security controls, vendor security reviews, security exceptions, mergers & acquisitions, technology projects, identity access management, data loss prevention and artificial intelligence activities.
• Collaborate with key stakeholders (i.e. Information Technology, Cybersecurity Risk Manager, Legal, HR , Procurement, etc.) regarding the development, implementation and sustainability of programs that support the governance, risk and compliance processes.
• Lead the identification and development of talent and for managing performance to ensure goals and objectives are met or exceeded.
• Ability to develop a mentoring culture with both experienced team members and junior staff
• Consistently measuring GRC talent performance to identify strengths and opportunities through qualitative and quantitative metrics.
• Ensuring a continuous improvement process is embedded in the teams' practices to further advance the GRC program.
• Develop external relationships to keep a pulse on what is happening in the industry.

Benefits

• Medical, Vision, and Dental Plans
• Optional Health Savings Account
• Optional Dependent Care Savings Account
• Paid Maternity/Paternity Leave
• Work from home policy
• Employee Assistance Program
• 401K with a generous company match
• Tuition Reimbursement
• Assistance with Professional Credentialing
• Referral Bonuses
• Employee Discount Programs