Logo
hp

Director Governance, Risk and Compliance

hp, Palo Alto, CA, United States


Director Governance, Risk and Compliance

Description:

HP is seeking a security risk management leader to enhance and manage a world-class global security risk management and compliance program to reduce company risk and increase efficiencies. This leader will drive HP PRINT GRC initiatives.

The Role:

  • Develop the strategy and roadmap for managing technology, risk, information security, and the compliance environment, contributing to HP’s business growth.
  • Evaluate the current state of HP PRINT division security and risk profile and develop a risk-based gap analysis to implement and maintain a best-in-class security program.
  • Partner closely with key stakeholders and business leaders, providing guidance and risk reports, and ensuring the information security strategy aligns with business and product roadmap goals.
  • Identify risks and prevent vulnerabilities, including the evaluation and recommendation of all technical and business controls.
  • Effectively manage all enterprise cyber, data protection, and insider threat programs, including establishing incident response, 24x7 security operations center, and security engineering, architecture and intelligence teams.
  • Lead the development, training and dissemination of security policies, standards, and guidelines. Create and implement security awareness training programs.
  • Own the investigation process for all security incidents and ensure corrective actions are completed in a timely manner. Additionally, oversee the development of all security contingency plans.
  • Ensure compliance to critical standards as company expands into new markets that require new security compliance measures such as SOX, FedRAMP, ISO 2700X, etc.
  • Adherence to organizational policies and guidelines, supports compliance initiatives, maintains confidence, conducts business with honesty, and shows consistency in words and actions.

Qualifications:

  • Deep expertise across security, IT audit, and legal security standards, guidelines, and principles within a large, highly distributed, complex organization.
  • Track record of building, growing, and maintaining high-performing security teams, driving transformation in a growth environment. You are a hands-on leader who leads by example.
  • Demonstrated ability to leverage advanced knowledge of a business structure and components of a product or service to evaluate business needs, analyze gaps caused by change initiatives, determine potential opportunities and drive transformation.
  • Experience leading technical security scanning, penetration testing, application security testing, mobile device security analysis, network security analysis, business continuity and disaster recovery.
  • Strong experience with state-of-the-art security technology and technical concepts.
  • Expert in enterprise risk management and defining and applying a risk management framework for a large global organization.
  • Deep knowledge of cloud security, network security, data protection, as well as OT security or security in a manufacturing environment.
  • Experience with enforcing secure coding practices, threat modeling, identity and access management, and security incident response and recovery.
  • Strategic problem solver who is analytically driven and an effective communicator who can present complex analysis to business leaders and executive leadership.
  • Minimum of 10 years of experience in enterprise risk and information security for a global company.
  • Bachelor’s degree in related field strongly preferred.
  • CISSP/CISA certification strongly preferred. Successfully led organizations to obtain and maintain required security certifications.

Job: Data & Information Technology

Schedule: Full time

Shift: No shift premium (United States of America)

Travel:

Relocation:

Equal Opportunity Employer (EEO):

HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).

#J-18808-Ljbffr