Job added in hotlist
Applied job
Contract job
90-day-old-job
part-time-job
Recruiter job
Employer job
Expanded search
Apply online not available
View more jobs in Boston, MA
View more jobs in Massachusetts

Job Details

Director Cyber Security Policy and Controls Governance

Location
Boston, MA, United States

Posted on
Apr 20, 2021

Apply for this job






Profile

Description

The Director, Cyber Security Policy and Standards will lead the Policy and Control Governance team within Enterprise Information Protection. This area develops and manages governance processes and standards to ensure that IT and cyber security standards, architecture/designs, plans, controls, processes, and procedures align with policy and control requirements. The Director role oversees the complete policy life cycle management process, cloud control governance, core control governance, and control review services.

This role will drive the development and companywide implementation of control governance standards utilizing existing control frameworks. Control governance standards will guide enterprise wide IT and business processes on security control requirements to enable business and IT goals and to align with compliance and risk processes.

Responsibilities

Key Responsibilities

The Director ensures that security policies and controls are aligned with regulatory requirements and industry best practices and support business and IT strategic goals. Essential tasks include the development, implementation and management of control governance standards for Information Security and IT architecture designs, plans, controls, processes. The role will be responsible for control review and guidance services including enterprise level control recommendations and risk assessment. The Director leads a team of security policy and control professionals and ensures the development of individual skill sets and growth paths.

Key Competencies:


Builds Trust: Strong team player who consistently models and inspires high levels of integrity, lives up to commitments and takes responsibility for the impact on one's actions. Requires little to no instruction on day-to-day work.
Leads Change: Guides and energizes others, models adaptability and inspires strong organizational performance through periods of transformation, ambiguity and complexity.
Communication: Ability to interact and effectively communicate complex topics to all levels of management within and outside of the organization. Understand the needs and perspectives of others and tailors delivery accordingly.
Accountability: Exercises independent judgment / decision making on complex issues. Competent to work independently, meet established expectations and take responsibility for achieving results, and ensures direct reports to do the same.


Role Essentials:


Bachelor's degree in Cyber Security, Computer Science, Information Technology or a related field
8 or more years of progressive leadership in an Information Security or IT leadership position
Experience with Governance Risk and Compliance technologies and their implementation
Experience working with control frameworks such as HITRUST CSF, NIST CSF, NIST 800-53, CSA-CCM
Proven experience in developing and implementing control governance processes
Strong experience in designing and managing security policies and controls.
Experience integrating Cyber Security technologies with existing technologies including cloud services
Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances
Excellent communication skills with the ability to influence others
Must be passionate about contributing to an organization focused on continuously improving governance and compliance management


Role Desirables:


Experience in all aspects of control governance from a previous role.
Strong knowledge of key compliance and IT frameworks such as: CSA-CCM, PCI, HITRUST, SOC1, SOC2, HIPAA, COBIT, ITIL.
Cloud service experience
Master's Degree preferred
Professional certifications such as CISA, CISSP, CRISC, CGEIT, Cloud certifications such as CCSP, CCSK, CSP-based certifications) preferred.
Ability to interpret and understand business needs and convey such issues to information security teams.


Scheduled Weekly Hours

40

Company info

Sign Up Now - ManagerCrossing.com

Similar Jobs:
Position Summary:  This individual will support NxStage Medical’s field and internal teams in the Critical Care Division.  He/she will report directly to the Director of Marketing – Critical Care and be responsible for serving as ...
PRINCIPAL DUTIES AND RESPONSIBILITIES: Create, optimize and align global Home travel process solutions representing PD, HHD, Connected Health digital solutionsDevelop, implement, manage analytical tools that enhance VOC and end us...
Position Summary:This position will report directly to the Vice President of Commercial & Business Operations – Critical Care, Renal and be responsible for incremental sales and revenue growth by leading the U.S. Field Sales Train...