Director of IT Governance, Risk, and Compliance
Posted on: May 14, 2022
Director, IT Governance, Risk, and Compliance
The Director, IT
Governance, Risk, and Compliance is responsible for the oversight
and coordination of the GRC program. The Director is expected to
fully understand industry better practices and regulatory
requirements relating to cybersecurity (including NIST, SOX, PCI,
FedRAMP, StateRAMP, ISO, GDPR, CCPA, HITRUST, GxP, and others) and
ensure the organization's framework is designed and implemented
- Define the Labcorp IT GRC strategy and ensure the selection of
controls is consistent with the strategy.
- Design and implement an integrated risk management approach
that applies operating controls to manage information security
- Provide input to the Head of Business Resilience and Risk,
Chief Information Risk Officer, and other senior leaders to
determine organizational risk management strategy.
- Align cybersecurity management processes with strategic,
operational, and budgetary planning processes.
- Coordinate with the Risk Committee to ensure the categorization
decision is appropriate for the organizational risk management
strategy and satisfies requirements for high-value assets.
- Promote the use of common controls to more effectively utilize
- Provide oversight to the risk management process to ensure that
cyber risk to mission and business success is considered in
- Provide an organization-wide forum to consider all sources of
risk, including aggregated risk from individual systems.
- Lead M&A activity related to Information Security and
- Lead the supply chain risk management program.
- Other duties as required
Minimum Requirements:
Required Education
- Master of Business Administration, Cybersecurity, or
Cybersecurity Law preferred.
- 15+ years' experience in cybersecurity with a minimum of 7+ in
cybersecurity governance, risk, and compliance may substitute for a
- 5+ years Management/leadership experience
Required Skills and
- Ability to promote collaboration and cooperation among
- Strong track record of managing people, projects, and
- Demonstrated interpersonal/verbal communication skills
- Strong understanding of Cybersecurity risk frameworks and
ability to lead and oversee the execution and implementation of the
- Ability to determine and set the strategic direction of the
Cybersecurity GRC function
- Strong understanding of industry standards and regulations
including: NIST, SOX, PCI, FedRAMP, StateRAMP, ISO, GDPR, CCPA,
HITRUST, GxP, and others
- Proven analytical rigor in formulating objectives and measuring
- Strong skills and experience in designing and documenting
complex processes, and identifying and eliminating deficiencies in
existing process designs
- Demonstrated ability to establish and maintain strong working
relationships with stakeholders, partners, and industry peers
- Track record of successfully developing and maturing cyber risk
organizations with an emphasis on delivering results.
- Occasional travel will be required
Labcorp is proud to be an Equal Opportunity Employer:
As an EOE/AA employer, the organization
will not discriminate in its employment practices due to an
applicant's race, age, color, religion, sex, national origin,
sexual orientation, gender identity, disability or veteran
status.
For more information about how we collect and store your
personal data, please see our Privacy Statement.
Keywords: Labcorp, Durham, Director of IT Governance, Risk, and Compliance, Executive, Durham, North Carolina