Verizon
Assoc Director Security Risk Management
Verizon, Alpharetta, Georgia, United States, 30239
When you join Verizon
You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love — driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together — lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.
What you’ll be doing...
The Verizon CyberSecurity (VCS) team is seeking a highly experienced and motivated Compliance Associate Director to join the Governance, Risk and Compliance team. This role will develop, implement and maintain a comprehensive cybersecurity compliance program that includes customer and federally regulated compliance programs. This role will report to the Director of Policy, Audit and Compliance and will partner with leaders and teams throughout Verizon. In order to achieve this, the role requires strategic and thoughtful decision-making, an inquisitive and risk-based mindset, strong interpersonal competencies with peers and stakeholders, and a solution-oriented approach to ensure stakeholder satisfaction.
Key Responsibilities:
Program Management
Develop, implement and maintain a comprehensive cybersecurity compliance program, aligned to industry standards and regulations such as ISO 27001, NIST 800-171, NIST 800-53, PCI DSS.
Oversee and manage the audit process associated with customer and federally regulated compliance programs, including coordinating with the third-party assessors and internal stakeholders.
Report on the status of the compliance programs to senior management.
Conduct regular risk assessments and gap analysis to proactively identify and mitigate potential non-compliance matters and potential vulnerabilities.
Collaboration & Communication:
Partner with various stakeholders across the organization, including IT, Legal, Compliance, and business units.
Participate in audits and assessments.
Stay abreast of emerging security threats, vulnerabilities, and industry best practices to proactively address potential risks.
Act as a subject matter expert and provide guidance to the organization on compliance related matters.
People Management:
Lead, develop, and manage employees to achieve the organization’s roles, including recruiting, training, developing and performance management.
Ensure personnel are appropriately aligned to assigned projects and responsibilities based on skills and performance.
What we’re looking for...
You’ll need to have:
Bachelor's degree in Computer Science, Information Security, or a related field or four or more years of work experience.
Eight or more years of relevant work experience, demonstrated through one or a combination of work and/or military experience, or specialized training.
Four or more years of experience in a compliance and/or audit role, preferably in a leadership capacity.
Two or more years of program management experience.
Even better if you have one or more of the following:
Strong understanding of information security frameworks and standards such as ISO 27001, NIST CSF, NIST 800-53, NIST 800-171, and PCI DSS
Experience managing large scale projects, audits and/or compliance efforts.
Proven ability to track observations/gaps/vulnerabilities in support of compliance/audit efforts.
Familiarity with security technologies such as firewalls, intrusion detection/prevention systems, and vulnerability scanners.
Excellent written and verbal communication skills, with the ability to translate complex technical concepts into clear and concise language for various audiences.
Strong analytical, problem-solving, and decision-making skills.
Experience with ServiceNow functionality.
Relevant industry certifications such as CISSP, CISM, CRISC, PCI QSA, PCI ISA are highly desired.
If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.
Where you’ll be working
In this hybrid role, you'll have a defined work location that includes work from home and a minimum of eight assigned office days per month that will be set by your manager.
Scheduled Weekly Hours
40
Equal Employment Opportunity
We’re proud to be an equal opportunity employer - and celebrate our employees’ differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.