Leading the design and implementation of a policy- and standards-driven cybersecurity governance program supported by GRC tooling
Establishing and maturing a data governance and protection program across the full data lifecycle
Defining and enforcing data classification, labeling, and handling requirements
Establishing and maintaining enterprise security governance structures, roles, and accountability
Serving as a trusted advisor to business and technology stakeholders on governance, risk, and compliance matters
Driving identification, escalation, and resolution of cybersecurity GRC risks and issues
Supporting and maintaining cybersecurity compliance certifications and initiatives

Requirements

Extensive experience in cybersecurity governance, risk, and compliance programs
Proven experience developing and managing security policies, standards, and controls
Experience building or maturing enterprise data governance and data protection programs
Working knowledge of security and compliance frameworks such as ISO 27001/27701, HIPAA, PCI DSS, NIST 800-53/800-171, etc.
Experience implementing and operating GRC platforms and security programs
Project management, analytical, and problem-solving skills
Preferred Certifications: CISSP, CISM, CISA, CHP, CHSS

Benefits

Health insurance
401(k) matching
Annual incentive bonus
Flexible work arrangements

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

cybersecurity governancerisk managementcompliance programssecurity policiesdata governancedata protectionsecurity frameworksGRC platformsISO 27001NIST 800-53

Soft skills

project managementanalytical skillsproblem-solvingcommunicationadvisory skills

Certifications

CISSPCISMCISACHPCHSS