Director, Governance, Risk & Compliance
New York, NY, United States
Hearst Technology, Inc., Information Security Office seeks a Director of Governance, Risk and Compliance.
This hands-on position will oversee the Hearst Governance, Risk and Compliance (GRC) team and ensure the overall effectiveness of the Hearst Information Security Risk Management program.
Hearst is a leading global, diversified media, information, and services company with over 360 businesses. Its major interests include ownership in cable television networks; global financial services leader Fitch Group; Hearst Health; Hearst Transportation; 33 television stations; 24 daily and 42 weekly newspapers; more than 300 magazines around the world; digital services businesses; and investments in emerging digital entertainment companies.
Responsibilities:
• Responsible for the Information Security Governance, Risk and Compliance management function
• Build and manage a high performing team of risk professionals through recruitment, training, coaching, and performance management
• Build and maintain successful stakeholder relationships with technology and business executives by developing a clear understanding of business needs, acting as a trusted advisor, and ensuring cost-effective delivery of security services to meet those needs
• Educate risk owners on risk management best practices and work with other risk functions (e.g., Internal Audit and Legal) in the development and implementation of risk controls and treatment plans
• Continuously improve the Information Security Risk Management Program
• Develop and maintain all relevant documentation, policies, standards, guidelines, and frameworks, embedding controls into process across the business and technology units
• Assist in the early identification of risk trends by establishing and monitoring key performance and key risk indicators via Risk and Business Impact Assessments
• Oversee global security awareness strategy and programs fostering a culture where security is everyone’s responsibility
• Manage compliance programs across business units, e.g., PCI, HIPAA, Privacy, Internal/External Audits, and 3rd Party Vendor Management
• Advise senior management on risk reduction practices and influence process change
• Assist the CISO to develop strategic plans and roadmaps
Requirements / Qualifications
• 10+ years of security experience in relevant security domains (e.g., compliance, audit, security risk management), with 5+ years of management experience
• Experience implementing and maturing risk frameworks based on NIST, ISO, PCI, HITRUST and SOC2
• Experience implementing privacy program control frameworks based on privacy regulations such as CCPA and GDPR
• Experience managing internal/external audits
• One or more industry certificates, e.g., CISM, CRISC, CISA, CIPM, CISSP
• Experience recruiting and building out high performing, global security teams
• Demonstrated customer-first mindset
• Outstanding communication, conceptual thinking, change/project management, analytical, and problem-solving capabilities
• Consistent track record of owning project/work activities, balancing multiple priorities, and delivering results
In accordance with applicable law, Hearst is required to include a reasonable estimate of the compensation for this role if hired in New York City. The reasonable estimate, if hired in New York City, is $175,000-$210,000. Please note this information is specific to those hired in New York City. If this role is open to candidates outside of New York City, the salary range would be aligned to that specific location. A final decision on the successful candidate’s starting salary will be based on a number of permissible, non-discriminatory factors, including but not limited to skills and experience, training, certifications, and education. Hearst provides a competitive benefits package, including medical, dental, vision, disability and life insurance, 401(k), paid holidays and paid time off, employee assistance programs, and more.
In accordance with applicable law, Hearst is required to include a reasonable estimate of the compensation for this role if hired in New York State. The reasonable estimate, if hired in New York State, is $175,000-$210,000. Please note this information is specific to those hired in New York City. If this role is open to candidates outside of New York State, the salary range would be aligned to that specific location. A final decision on the successful candidate’s starting salary will be based on a number of permissible, non-discriminatory factors, including but not limited to skills and experience, training, certifications, and education. Hearst provides a competitive benefits package, including medical, dental, vision, disability and life insurance, 401(k), paid holidays and paid time off, employee assistance programs, and more.
Hearst is one of the nation’s largest global, diversified information, services and media companies.
Hearst has been innovating for more than a century, leading with purpose, integrity and a culture of care, with a mission to inform audiences and improve lives.
The company’s diverse portfolio includes global financial services leader Fitch Group; Hearst Health, a group of medical information and services businesses; Hearst Transportation, which includes CAMP Systems International, a major provider of software-as-a-service solutions for managing maintenance of jets and helicopters; ownership in cable television networks such as A&E, HISTORY, Lifetime and ESPN; 35 television stations; 24 daily and 52 weekly newspapers; digital services businesses; and more than 200 magazines around the world.
Hearst is always moving forward, investing in healthcare solutions to improve patient outcomes and technology that curbs emissions; providing vital analysis, data and software to the global financial services industry; delivering important service and investigative journalism; and inspiring audiences with sports and entertainment programming.
With a commitment to maintaining the highest quality in its products and services, Hearst is dedicated to serving the communities it operates in, both civically and philanthropically.
Hearst is an Equal Employment Opportunity employer. We do not discriminate in hiring on the basis of race, color, national origin, religion, creed, sex or gender, gender identity, gender expression, sexual orientation, age, physical or mental disability, military or veteran status, or any other characteristic protected by federal, state, or local law.