Governance Risk and Compliance Director

Sherwin-Williams, Cleveland, OH
Remote

About The Position

The Director of Governance Risk and Compliance will manage and lead three key Enterprise Risk & Resilience (ER&R) programs: awareness and training, IT compliance, and Privacy compliance. These are enterprise-level programs that ensure the company is compliant with global Cybersecurity laws and regulations. To be successful in this role, the Director must be skilled in current Cybersecurity management processes and platforms, with a strong understanding of the operations and related technologies that are used to maintain compliance. This role reports directly to the Sr. Director of GRC. Success in the role requires an authentic people leader with strong leadership experience who will be able to balance team objectives, hands-on leadership of the varied Cybersecurity and IT processes, and collaboration across multiple IT and business organizations. Leadership and vision in driving the future state objectives of the organization in alignment with Cybersecurity and business goals will be essential to success.

Requirements

  • FORMAL EDUCATION: Required: Bachelor’s Degree (or foreign equivalent) or, in lieu of a degree, at least 12 years of experience in the field of Information Technology or Business (work experience or a combination of education and work experience in the field of Information Technology or Business)
  • 12+ years of IT/Cybersecurity experience
  • 9+ years of leadership experience in managing global security programs and applying information security, risk management, compliance and privacy practices.
  • 9+ years of leadership experience in Governance, Risk & Control, Audit, etc., preferably from a similar ecosystem.
  • Proven experience interfacing with senior executives and business leaders and communicating complex cyber security concepts in business-relevant ways.
  • 8+ years of experience working with privacy, security and/or financial laws (such as PCI-DSS, GLBA, FIPS, SOX, and data breach reporting laws), generally accepted cybersecurity principles, and accepted industry practice.
  • 8+ years managing a team of direct reports.
  • Demonstrates industry leading security innovation skills and an eye towards understanding the threat environment from a preventative posture.
  • Strong demonstrated knowledge of enterprise systems, cloud solutions and IT/security technologies.
  • Information disaster recovery planning and testing, auditing, risk analysis, business system resumption planning, and contingency planning.
  • Experience in strategic planning, budgeting, and allocation.
  • Clear and concise verbal and written communication.

Nice To Haves

  • Preferred: Master’s degree in Business Administration, Information Science, Information Assurance or Policy & Risk Analysis
  • CISSP, CRISC, CISM, GSLC, CIPM
  • 10+ years working in the Manufacturing or Consumer Products industry.
  • Experience working with Global Privacy and Cybersecurity laws and regulations.
  • Business system continuity planning, auditing, and risk management related to information security.

Responsibilities

  • Facilitate the adoption of the Cyber processes and technologies throughout the business units within the company
  • Oversee and facilitate the Cyber risk framework and its alignment with the enterprise risk management processes
  • Provide management and facilitation of the Cyber training, awareness, and communication programs
  • Provide management and facilitation of the Cybersecurity and IT compliance program
  • Provide management and facilitation of the privacy compliance program
  • Provide management and facilitation of the international privacy program