Director of IT Governance, Risk, and Compliance
Company: Labcorp
Location: Durham
Posted on: May 14, 2022
Job Description:
Director, IT Governance, Risk, and Compliance
The Director, IT
Governance, Risk, and Compliance is responsible for the oversight
and coordination of the GRC program. The Director is expected to
fully understand industry better practices, and regulatory
requirements relating to cybersecurity (including NIST, SOX, PCI,
FedRAMP, StateRAMP, ISO, GDPR, CCPA, HITRUST, GxP, and others) and
ensure the organization's framework is designed and implemented
accordingly.
Accountabilities:
- Define the Labcorp IT GRC strategy and ensure the selection of
controls is consistent with the strategy.
- Design and implement an integrated risk management approach
that applies operating controls to manage information security
risk.
- Provide input to the Head of Business Resilience and Risk,
Chief Information Risk Officer, and other senior leaders to
determine organizational risk management strategy.
- Align cybersecurity management processes with strategic,
operational, and budgetary planning processes.
- Coordinate with the Risk Committee to ensure categorization
decision is appropriate for the organizational risk management
strategy and satisfies requirements for high-value assets.
- Promote the use of common controls to more effectively utilize
resources.
- Provide oversight to the risk management process to ensure that
cyber risk to mission and business success is considered in
decision making.
- Provide an organization-wide forum to consider all sources of
risk, including aggregated risk from individual systems.
- Lead M&A activity related to Information Security and
Business Resilience.
- Lead the supply chain risk management program.
- Other duties as required
Minimum Requirements:
Required Education and Experience:
- Master of Business Administration, Cybersecurity, or
Cybersecurity Law preferred.
- 15+ years' experience in cybersecurity with a minimum of 7+ in
cybersecurity governance, risk, and compliance may substitute for a
Master's degree
- 5+ years' management/leadership experience
Required Skills and Abilities:
- Ability to promote collaboration and cooperation among
organizational entities
- Strong track record of managing people, projects, and
processes
- Demonstrated interpersonal/verbal communication skills
- Strong understanding of Cybersecurity risk frameworks and
ability to lead and oversee the execution and implementation of the
frameworks
- Ability to determine and set the strategic direction of the
Cybersecurity GRC function
- Strong understanding of industry standards and regulations
including: NIST, SOX, PCI, FedRAMP, StateRAMP, ISO, GDPR, CCPA,
HITRUST, GxP, and others
- Proven analytical rigor in formulating objectives and measuring
results
- Strong skills and experience in designing and documenting
complex processes, and identifying and eliminating deficiencies in
existing process designs
- Demonstrated ability to establish and maintain strong working
relationships with stakeholders, partners, and industry peers
- Track record of successfully developing and maturing cyber risk
organizations with an emphasis on delivering results.
- Occasional travel will be required
Labcorp is proud to be an Equal Opportunity Employer:
As an EOE/AA employer, the organization
will not discriminate in its employment practices due to an
applicant's race, age, color, religion, sex, national origin,
sexual orientation, gender identity, disability or veteran
status.
For more information about how we collect and store your
personal data, please see our Privacy Statement.
Keywords: Labcorp, Durham, Director of IT Governance, Risk, and Compliance, Executive, Durham, North Carolina