Director of Cybersecurity Governance, Risk and Compliance
Tasks
- Align governance with Internal Audit, Compliance, Privacy, Legal, and Enterprise Risk
- Analyze cyber risk trends and prioritize remediation
- Assess effectiveness and cost benefit of security controls
- Author and maintain cybersecurity policies, standards, and procedures
- Build, lead, and mentor cybersecurity governance team
- Conduct risk assessments for clinical systems, cloud, and infrastructure
- Coordinate secure adoption of emerging technologies
- Coordinate tabletop exercises and preparedness activities
- Deliver executive cybersecurity risk reporting
- Develop and execute cybersecurity GRC strategy
- Develop and maintain business continuity and disaster recovery strategies
- Develop and oversee security awareness education and behavior change
- Develop healthcare-specific cybersecurity standards
- Develop vendor risk management processes and risk tiering
- Ensure compliance with HIPAA and NIST frameworks
- Establish cloud security, application security, and secure development governance
- Establish cybersecurity metrics and KPIs
- Establish incident communication protocols, recovery procedures, and response playbooks
- Evaluate SOC reports, penetration testing results, and vendor risk documentation
- Evaluate cyber insurance and residual risk transfer
- Lead HIPAA security risk analyses and remediation planning
- Lead vendor security assessment and onboarding programs
- Maintain cybersecurity risk registers and mitigation tracking
- Own incident response governance and escalation processes
- Perform business impact analyses for cybersecurity risks
- Review contracts and Business Associate Agreements for security and compliance requirements
- Support audits, regulatory inquiries, and compliance reviews
- Support research security governance for regulated data
- Support vulnerability management, security testing, and threat modeling
Perks/Benefits
Skills/Tech-stack
800-171 | Application Security | Application Security Governance | Business Associate Agreements | Business Continuity | Business Impact Analysis | Business impact | Cloud Security | Cloud Security Governance | Compliance Management | Cyber Insurance | Cyber Insurance Risk | Cyber Insurance Risk Transfer | Cybersecurity | Cybersecurity Framework | Cybersecurity metrics | Disaster Recovery | Executive reporting | Governance Risk | Governance Risk and Compliance | HIPAA Security | Impact analysis | Incident Response | Insurance Risk Transfer | NIST 800 | NIST 800-171 | NIST Cybersecurity | NIST Cybersecurity Framework | Penetration Testing | Risk Analysis | Risk Management | Risk and Compliance | Risk registers | Risk transfer | SOC reports | Secure Development | Security Governance | Security Risk | Security Risk Analysis | Security awareness | Security policies | Tabletop Exercises | Third Party | Third-Party Risk | Third-party risk management | Threat modeling | Vendor Assessments | Vendor Risk | Vendor risk management | Vulnerability Management
Education
Bachelor of Engineering | Bachelor of Science | Master of Science