Compliance

• Provide direction, coaching and development for the Compliance team to ensure effective execution of security governance, risk and compliance activities.
• Draft, maintain and evolve policies, standards, and procedures to align with industry best practices, regulatory requirements, and business needs.
• Serve as a primary contact for PCI DSS, SOC 2, NIST and security and compliance related customer and prospect audits and assessments.
• Coordinate security program testing, control validations, and independent assessments to validate program effectiveness and compliance with frameworks such as NIST CSF and PCI DSS, overseeing timely tracking, remediation and reporting of control gaps.
• Oversee annual enterprise risk assessments, security reviews, business impact analyses, business continuity/incident response tabletops, and critical service provider assessments, ensuring identification, tracking and remediation of risks.
• Drive continuous improvement of GRC processes, tools and methodologies to enhance program maturity.
• Partner with business units to strengthen a multifaceted security, privacy and compliance awareness program, fostering a culture of shared responsibility for information security, privacy and compliance.
• Develop, track, and report meaningful metrics and key risk indicators (KRIs) for Executive Leadership.
• Collaborate with Human Resources, Engineering, IT and other internal teams to ensure alignment of security practices across the enterprise.
• Work with internal teams to track and verify remediation of issues identified during testing, ensuring timely and effective resolution and reporting.
• Provide guidance to the company on emerging risks, industry trends, and regulatory expectations to influence security strategy and business decisions.

Director, Governance Risk & Compliance – GRC

Director, Field Medical Affairs – COVID-19/Virology

US Director, Regulatory Policy and Intelligence

Compliance Specialist I

Senior NERC & Operations Compliance Manager – Battery Storage

Senior Principal, IT Governance, Risk and Compliance – GRC