Logo
PRI Technology

Director of IT Compliance

PRI Technology, Saint Paul, MN, United States

I have a full time opportunity in Austin, TX for a Director of IT Compliance with one of our renowned global industrial clients who is building out their leadership team.

This role will report directly to the Cyber Risk VP.

This role will be 2 days onsite and 3 days remote.

This opportunity comes with a generous base salary and employee benefits plan.

Responsibilities:

  • Advise on effective risk mitigation strategies and ensures implementation of controls/processes to comply with the regulations.
  • Function as the IT liaison with senior leaders and Internal/External auditors and consultants on Information Security and regulatory compliance engagements.
  • Perform scoping assessments for upcoming regulations and inspection of relative technologies and oversee implementation by driving timely completion of risk related deliverables and issue resolution.
  • Identify, prioritize and implement security strategy, initiatives, establish security goals, and create a roadmap for the organization
  • Understand third party risks as related to specific technology area/regulatory scope.
  • Determine, develop, maintain, and publish corporate-level information security policies, standards, procedures, and guidelines, including incident response and compliance reporting procedures.
  • Effectively engage with technology teams to gain full understanding of technology and the control environment.
  • Manage the design, implementation, and maintenance of our IT Compliance Programs (SOX, PCI, eCommerce and Fraud Analytics).
  • Identify, assess and report on risks, practice and projects to stakeholders across the organization.
  • Lead regular risk assessments to identify and evaluate potential security threats and vulnerabilities.
  • Identify vulnerabilities and security weaknesses across the enterprise and drive the resolution and mitigation of found errors/incidents enterprise wide.
  • Work cross functionally with other department to implement architectures for systems, networks, and applications. Assist peer managers in understanding security and control deficiencies and responding to internal and external audit reports.
  • Work with product teams to incorporate security and privacy by design into our products/services
  • Engage in tabletop scenarios, penetration studies, threat analysis, vulnerability assessments, and security audit activities to ensure IT controls and security are effective.
  • Build and report information security metrics that enable executive leadership to effectively assess performance of security program, controls, risk management, risk mitigation and justify technology investments
  • Establish and maintain third-party vendor risk assessment program. Conduct security reviews of potential third-party providers / acquisition targets.
  • Accountable for monitoring emerging threats and security practices and recommending changes to security / compliance programs as needed.
  • Coordinate validation discussions with second and third lines of defense
  • Maintains strong relationships with industry peers, partners, vendors, external agencies, and regulatory bodies.

Qualifications:

  • Expert knowledge of Cyber/Information Security and compliance. Specifically in the areas of security architectures and associated technologies, security operation centers, security engineering, identity governance and administration/identity and access management (IGA/IAM), privilege access management (PAM), application security, governance, risk, compliance (GRC) and eCommerce fraud prevention.
  • Working knowledge of cybersecurity technologies covering a global digital ecosystem.
  • Direct global leadership experience (ideally in a matrix environment), as well as managing external resources.
  • Bachelor degree strongly preferred in Information Security or equivalent. Master degree desirable.
  • Has had the opportunity to implement information security strategies, policies, and procedures, ideally in a larger organization / enterprise wide.
  • Identifies and measures global information security controls on critical business processes or channels
  • Previous senior leadership exposure / comfortable engaging with senior level stakeholders
  • Strategic prowess and ability to see the big picture organizationally; ability to adapt accordingly
  • Strong relationship development skills
  • Self-motivated, ability to work collaboratively across the organization and various domains
  • Solid analytical skills with the ability to solve problems and develop creative solutions
  • Strong organization, problem solving, and presentation skills
  • Excellent communication and interpersonal skills
  • Strong leadership, team management, and negotiation skills

Lori Sklarski

Senior Technical Recruiter, PRI Technology

Lori.sklarski@pritechnology.com

Direct:(973)-354-2797

Office: 973.732.5454 x27

Cell: 973.432.9968

www.pritechnology.com

www.pritechnology.com