The Sr. Director of Security Compliance is accountable for leading information risk, governance and compliance programs in support of the company’s security strategy. Reporting directly to the Chief Security Officer, primary responsibilities include chartering a GRC platform to provide a real-time view of security and compliance across enterprise and customer service offerings. The individual will provide active and engaged leadership with Business, Product and IT teams relative to security compliance and risk management, as well as in support of strategic company initiatives. This leader will deliver education and focus on security policies and risk exposure.
Responsibilities of Sr. Director Security Compliance
- Accountable for budgeting, forecasting requirements and aligning expertise and team capacity in support of GRC program which maps to the current and planned needs of the business
- Broaden vulnerability management program to advance the company’s regulatory compliance posture and ensure emerging and evolving security risks, vulnerabilities and threats are quickly discovered and mitigated
- Develop and maintain security policy center that balances the demands of security against business strategy and initiatives
- Charter data governance program in support of Chief Privacy Counsel
- Formally and informally responding to customer and regulatory requests with regard to security services, mechanisms and safeguards. Negotiating security language in contracts (this includes regular communications with regulatory, privacy and legal stakeholders and active participation in both internal and external audit activities)
- Defining and implementing a risk management framework which accounts for key risk drivers and enables future activity to take place in a consistent and controlled manner
- Key ownership of compliance initiatives such as SSAE 16, ISO 27001, Safe Harbor, PCI-DSS, FFIEC, and internal security reviews of the business
- Conduct controls requirements analysis, gap analysis, operational reviews and provide recommendations on efficiency, effectiveness and compliance with policies and regulations
- Responsible for security awareness and educating the key stakeholders about changes in the regulatory requirements that impact security for the company
- Developing metrics that demonstrate current risk state, indicators of progress, and business alignment for those activities
- Supporting other senior leaders in Information Risk Management in leveraging those metrics as part of the overarching risk and operational dashboard
- Maintaining strong knowledge and understanding of business needs, evidenced by the ability to establish and maintain a high level of customer trust and confidence
Requirements and Preferred Requirements of Sr. Director Security Compliance
The ideal candidate should have a professional background in regulatory security requirements for an enterprise and IT service provider.
The ideal candidate should possess:
- 15+ years in Information Technology with 10+ years of progressive leadership positions in security, compliance, internal audit or risk management roles
- Technology Master’s degree – CISSP and/or CISA, CISM, GIAC
- Demonstrated experience and/or a proven record of success leading engagements in operational risk and enterprise risk management
- Knowledge of common information security management frameworks, such as ISO 27001, COBIT and NIST. Additionally, understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry/Data Security Standard
- Experience with DoD and Intelligence Community along with strict regulatory compliance issues such as those from governing bodies such as the FFIEC, OCC, SEC, and Federal Reserve as well as regulatory legislation encompassing SOX, GLBA, and PCI
- Proven experience developing security policies and managing complex projects/programs for a larger organization
- Ability to work in a dynamic environment, managing multiple initiatives and commitments simultaneously
- Ability to work in a fast-paced environment with tight deadlines and changing priorities
- Strong communication skills with the ability to present and articulate technical information in business terms
- Ability to exercise strong judgment in analyzing and solving problems of a difficult nature
- Ability to work through complex situations to meet time/budget commitments
- Ability to work effectively in a team environment, as well as independently as required
Our vision is to be the IT solutions provider of choice to ensure the availability of our customers’ business operations. Do you want to make a difference in one of the world’s leading IT services companies? SunGard Availability Services offers careers that combine the independence of working in a small entrepreneurial environment with the depth of resources of a Fortune 500 technology company.
At SunGard Availability Services, we provide operations support to organizations that need to ensure business viability by keeping mission critical information and applications up and running. With the recent launch of our Enterprise Cloud Services, SunGard continues to invest in new technologies to stay in the foreground of technology innovations that solve business challenges.
Unlike other companies that offer individual technology services, SunGard Availability Services is focused on providing responsive and integrated disaster recovery, managed services, IT consulting and business continuity management software solutions, to help organizations keep critical technology and applications available.
At SunGard Availability Services, we know that our people are our greatest assets; we work hard to develop our employees and rely on them to make wise choices. The result is a challenging and rewarding work environment that fosters growth and encourages professional development. That’s why over 3000 dedicated professionals chose SunGard Availability Services as their place of employment.
Apply for Sr. Director Security Compliance
Apply for this job opening on SunGard’s website.