I'm seeking an experienced Director of Cybersecurity Risk Management to oversee and enhance an enterprise cyber risk program.
This pivotal role involves building and managing a team to develop cybersecurity risk practice, third-party risk management, security assessments, control frameworks, policies, and performance metrics. You'll be a key advisor to IT and business leaders, shaping a multi-year roadmap to address emerging threats.
📍 Location: MD💼 Compensation: $150k-215k
Benefits Include
- Comprehensive medical, Rx, dental, and vision coverage
- 401(k) with employer match
- Critical illness and accident insurance
- Life insurance, short- and long-term disability
Job Requirements
- Develop and implement comprehensive cybersecurity frameworks (e.g., NIST CSF).
- Lead the creation of cybersecurity policies, standards, and procedures.
- Oversee security assessments, risk prioritization, and mitigation strategies.
- Manage and expand GRC platform capabilities for risk tracking and documentation.
- Govern third-party cyber risk management in collaboration with key stakeholders.
- Partner with Internal Audit for compliance and risk mitigation.
- Stay ahead of cyber trends, regulations, and best practices.
Expertise
- 10+ years of cybersecurity experience
- Certifications such as CISSP, CISM, or CRISC are highly desirable.
- Expertise in frameworks like NIST CSF, PCI, HIPAA, and SOX compliance.
- Hands-on experience with GRC tools (e.g., ServiceNow, Archer).
- Strong communication skills for engaging technical and non-technical audiences.
This is preferably a hybrid role out of Maryland, with potential for remote work with the right candidate.