Director Governance Risk Compliance

Hearst Technology Inc Information Security Office seeks a Director of Governance Risk and Compliance.
This handson position will oversee the Hearst Governance Risk and Compliance (GRC) team. Ensures the overall effectiveness of the Hearst Information Security Risk Management program.
Hearst is a leading global diversified media information and services company with over 360 businesses. Its major interests include ownership in cable television networks; global financial services leader Fitch Group; Hearst Health; Hearst Transportation; 33 television stations; 24 daily and 42 weekly newspapers; more than 300 magazines around the world; digital services businesses; and investments in emerging digital entertainment companies.
Responsibilities:
Responsible for the security Information Security Governance Risk and Compliance management function.
Build and manage a high performing team of risk professionals through recruitment training coaching and performance management
Build and maintain successful stakeholder relationships with technology and business executives by developing a clear understanding of business needs acting as a trusted advisor and ensuring costeffective delivery of security services to meet those needs
Educate risk owners on risk management best practices and work with other risk functions (e.g. Internal Audit and Legal) in the development and implementation of risk controls and treatment plans
Continuously improve the Information Security Risk Management Program
Develop and maintain all relevant documentation policies standards guidelines and frameworks embedding controls into process across the business and technology units
Assists in the early identification of risk trends by establishing and monitoring key performance and key risk indicators via Risk and Business Impact Assessments
Oversee global security awareness strategy and programs fostering a culture where security is everyones responsibility
Manage Compliance programs across business units e.g. PCI HIPAA Privacy Internal/External Audits and 3rd Party Vendor Management
Advise senior management on risk reduction practices and influence process change
Assist the CISO to develop strategic plans and roadmaps
Requirements / Qualifications
10 years of security experience in relevant security domains (e.g. compliance audit security risk management) with 5 years of management experience
Experience implementing and maturing risk frameworks based on NIST ISO PCI HITRUST and SOC2
Experience implementing privacy program control frameworks based on privacy regulations such as CCPA and GDPR
Experience managing internal/external audits
One or more industry certificates e.g. CISM CRISC CISA CIPM CISSP
Experience recruiting and building out high performing global security teams
Demonstrated customerfirst mindset
Outstanding communication conceptual thinking change/project management analytical and problemsolving capabilities
Consistent track record owning project/work activities balancing multiple priorities delivering results

In accordance with applicable law Hearst is required to include a reasonable estimate of the compensation for this role if hired in New York City. The reasonable estimate if hired in New York City is $175000$210000. Please note this information is specific to those hired in New York City. If this role is open to candidates outside of New York City the salary range would be aligned to that specific location. A final decision on the successful candidates starting salary will be based on a number of permissible nondiscriminatory factors including but not limited to skills and experience training certifications and education. Hearst provides a competitive benefits package including medical dental vision disability and life insurance 401(k) paid holidays and paid time off employee assistance programs and more.

In accordance with applicable law Hearst is required to include a reasonable estimate of the compensation for this role if hired in New York State. The reasonable estimate if hired in New York State is $175000$210000. Please note this information is specific to those hired in New York City. If this role is open to candidates outside of New York State the salary range would be aligned to that specific location. A final decision on the successful candidates starting salary will be based on a number of permissible nondiscriminatory factors including but not limited to skills and experience training certifications and education. Hearst provides a competitive benefits package including medical dental vision disability and life insurance 401(k) paid holidays and paid time off employee assistance programs and more.