HP
Director Governance, Risk and Compliance
HP, Palo Alto, California, United States, 94306
HP is seeking a security risk management leader to enhance and manage a world-class global security risk management and compliance program to reduce company risk and increase efficiencies. This leader will drive HP PRINT GRC initiatives.
The Role:
Develop the strategy and roadmap for managing technology, risk, information security, and the compliance environment, contributing to HP's business growth.
Evaluate the current state of HP PRINT division security and risk profile and develop a risk-based gap analysis to implement and maintain a best-in-class security program.
Partner closely with key stakeholders and business leaders, providing guidance and risk reports, and ensuring the information security strategy aligns with business and product roadmap goals.
Identify risks and prevent vulnerabilities, including the evaluation and recommendation of all technical and business controls.
Effectively manage all enterprise cyber, data protection, and insider threat programs, including establishing incident response, 24x7 security operations center, and security engineering, architecture and intelligence teams.
Lead the development, training and dissemination of security policies, standards, and guidelines. Create and implement security awareness training programs.
Own the investigation process for all security incidents and ensure corrective actions are completed in a timely manner. Additionally, oversee the development of all security contingency plans.
Ensure compliance with critical standards as the company expands into new markets that require new security compliance measures such as SOX, FedRAMP, ISO 2700X, etc.
Adhere to organizational policies and guidelines, support compliance initiatives, maintain confidence, conduct business with honesty, and show consistency in words and actions.
Qualifications:
Deep expertise across security, IT audit, and legal security standards, guidelines, and principles within a large, highly distributed, complex organization.
Track record of building, growing, and maintaining high-performing security teams, driving transformation in a growth environment. You are a hands-on leader who leads by example.
Demonstrated ability to leverage advanced knowledge of a business structure and components of a product or service to evaluate business needs, analyze gaps caused by change initiatives, determine potential opportunities and drive transformation.
Experience leading technical security scanning, penetration testing, application security testing, mobile device security analysis, network security analysis, business continuity and disaster recovery.
Strong experience with state-of-the-art security technology and technical concepts.
Expert in enterprise risk management and defining and applying a risk management framework for a large global organization.
Deep knowledge of cloud security, network security, data protection, as well as OT security or security in a manufacturing environment.
Experience with enforcing secure coding practices, threat modeling, identity and access management, and security incident response and recovery.
Strategic problem solver who is analytically driven and an effective communicator who can present complex analysis to business leaders and executive leadership.
Minimum of 10 years of experience in enterprise risk and information security for a global company.
Bachelor's degree in related field strongly preferred.
CISSP/CISA certification strongly preferred. Successfully led organizations to obtain and maintain required security certifications.
HP offers a comprehensive benefits package (https://www8.hp.com/h20195/v2/getdocument.aspx?docname=c08571201), including:
Dental insurance
Disability insurance
Employee assistance program
Flexible schedule
Flexible spending account
Health insurance
Life insurance
Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The typical base pay range for this role across the U.S. is $146,650.00 -- $234,600.00 annually with additional opportunities for pay in the form of bonus and/or equity. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.