Director Governance, Risk and Compliance
Description -
HP is seeking a security risk management leader to enhance and manage a world-class global security risk management and compliance program to reduce company risk and increase efficiencies. This leader will drive HP PRINT GRC initiatives.
The Role:
- Develop the strategy and roadmap for managing technology, risk, information security, and the compliance environment, contributing to HP’s business growth
- Evaluate the current state of HP PRINT division security and risk profile and develop a risk-based gap analysis to implement and maintain a best-in-class security program
- Partner closely with key stakeholders and business leaders, providing guidance and risk reports, and ensuring the information security strategy aligns with business and product roadmap goals.
- Identify risks and prevent vulnerabilities, including the evaluation and recommendation of all technical and business controls.
- Effectively manage all enterprise cyber, data protection, and insider threat programs, including establishing incident response, 24x7 security operations center, and security engineering, architecture and intelligence teams.
- Lead the development, training and dissemination of security policies, standards, and guidelines. Create and implement security awareness training programs.
- Own the investigation process for all security incidents and ensure corrective actions are completed in a timely manner. Additionally, oversee the development of all security contingency plans.
- Ensure compliance with critical standards as the company expands into new markets that require new security compliance measures such as SOX, FedRAMP, ISO 2700X, etc.
- Adhere to organizational policies and guidelines, support compliance initiatives, maintain confidence, conduct business with honesty, and show consistency in words and actions.
Qualifications:
- Deep expertise across security, IT audit, and legal security standards, guidelines, and principles within a large, highly distributed, complex organization.
- Track record of building, growing, and maintaining high-performing security teams, driving transformation in a growth environment. You are a hands-on leader who leads by example.
- Demonstrated ability to leverage advanced knowledge of a business structure and components of a product or service to evaluate business needs, analyze gaps caused by change initiatives, determine potential opportunities and drive transformation.
- Experience leading technical security scanning, penetration testing, application security testing, mobile device security analysis, network security analysis, business continuity and disaster recovery.
- Strong experience with state-of-the-art security technology and technical concepts.
- Expert in enterprise risk management and defining and applying a risk management framework for a large global organization.
- Deep knowledge of cloud security, network security, data protection, as well as OT security or security in a manufacturing environment.
- Experience with enforcing secure coding practices, threat modeling, identity and access management, and security incident response and recovery.
- Strategic problem solver who is analytically driven and an effective communicator who can present complex analysis to business leaders and executive leadership.
- Minimum of 10 years of experience in enterprise risk and information security for a global company.
- Bachelor’s degree in related field strongly preferred.
- CISSP/CISA certification strongly preferred. Successfully led organizations to obtain and maintain required security certifications.
HP offers a comprehensive benefits package, including:
- Dental insurance
- Disability insurance
- Employee assistance program
- Flexible schedule
- Flexible spending account
- Health insurance
- Life insurance
Our compensation reflects the cost of labor across several U.S. geographic markets, and we pay differently based on those defined markets. The typical base pay range for this role across the U.S. is $146,650.00 -- $234,600.00 annually with additional opportunities for pay in the form of bonus and/or equity. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process.
Job -
Data & Information Technology
Schedule -
Full time
Shift -
No shift premium (United States of America)
Travel -
Relocation -
Equal Opportunity Employer (EEO) -
HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).
Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.
If you’d like more information about HP’s EEO Policy or your EEO rights as an applicant under the law, please see: "Equal Employment Opportunity is the Law" and "Equal Employment Opportunity is the Law – Supplement".