Sr. Director Information Security GRC
Sr. Director Information Security GRC
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Job Description
NRECA is a unique national trade association providing advocacy financial services and business support services to over 900 consumer owned electric cooperatives across the country. NRECA employees are united by our mission inclusive culture collaborative workplace and commitment to service excellence. As a best place to work employer we operate with integrity transparency and a spirit of innovation.
Join IT at NRECA where we are more than a team we are a community. Guided by the core tenets of Simplicity Security Continuity Transparency and Flexibility we strive to deliver business value through collaboration ideation and innovation. Become an integral part of a community driven to continuously improve our processes and transform how we work in partnership with our colleagues and in service to our members. This is a Hybrid role located in Arlington VA.
Summary of Position
This position leads the Governance Risk and Compliance (GRC) team within the Cybersecurity organization. They will advise and collaborate with technical staff and business owners to identify and assess controls to safeguard NRECA data and information systems. We are seeking a candidate who can execute a comprehensive cybersecurity risk management using a detailed understanding of risk management frameworks multiple security domains and the NRECA organization. Manages cybersecurity risk assessments monitors regulatory compliance requirements and develops processes for identifying and managing risk. Supports the Chief Information Security Officer in strategic planning efforts and assessment of company strategies and practices relating to cybersecurity.
Key Responsibilities
- Drive the strategy and execution of Cybersecurity GRC overseeing compliance risk management and data protection. Lead a team providing mentorship training and career development.
- Shape cybersecurity and IT strategy in collaboration with leadership and stakeholders.
- Promote governance initiatives risk awareness and cross-functional support.
- Develop risk mitigation models and oversee IT security policies exceptions and approvals.
- Conduct cybersecurity risk assessments and advise on risk within business decisions.
- Establish metrics to evaluate security program effectiveness and align with business goals.
Qualifications
Required Qualifications and Skills
- Bachelors in Computer Science Management Information Systems Information Security or related field. Masters degree preferred.
- 15 years of experience in Information Security with 10 in risk and compliance IT operations or security engineering and 5 years of experience in performing security control assessments.
- 12 years successfully recruiting managing and retaining highly talented and motivated staff.
- Experience with a variety of technology disciplines such as: software development systems engineering systems integration and technology evaluation.
- Experience leading complex technology initiatives involving multiple businesses including the use of RFI RFP and contractual service requirements.
- Experience with network design topologies and architectures; security architecture (cloud and on-premises) IAM technologies PKI and PIV standards and Cloud technologies.
- Experience with external Third-Party Management
Preferred Certifications
- Information Systems Security Professional (CISSP)
- Risk and Information Systems Control (CRISC)
- Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Governance of Enterprise IT (CGEIT)
- Global Information Assurance Certification (GIAC) Security Expert
- AWS Certified Solutions Architect Associate
- Project Management Professional (PMP)
Essential Physical Requirements
- The worker is required to have close visual acuity to perform an activity such as: preparing and analyzing data and figures; transcribing; viewing a computer terminal and extensive reading.
- Exerting up to 20 pounds of force occasionally and/or up to 10 pounds of force frequently and/or a negligible amount of force constantly to move objects. If the use of arm and/or leg controls requires exertion of forces greater than that for sedentary work and the worker sits most of the time the job is rated for light work.
Additional Requirement:
The preceding job description has been written to reflect managements assignment of essential functions. It does not prescribe or restrict the tasks that may be assigned. All qualified applicants will receive consideration for employment without regard to race color sex sexual orientation gender identity religion national origin disability veteran status or other legally protected status.
NRECA is committed to working with and providing reasonable accommodation to individuals with physical and mental disabilities. If you need special assistance or an accommodation while seeking employment please e-mail or call: - NRECA Arlington Human Resources. Please call - NRECA Lincoln Human Resources for Lincoln NE employment opportunities. We will make a determination on your request for reasonable accommodation on a case-by-case basis.
The U.S. Equal Employment Opportunity Commission (EEOC) recently released the Know Your Rights poster which updates and replaces the previous EEO is the Law poster and EEO Is the Law Poster Supplement.
Pay Transparency Non-Discrimination. NRECA will not discharge or in any other manner discriminate against employees or applicants because they have inquired about discussed or disclosed their own pay. Please see the Pay Transparency Nondiscrimination Provision for more information.
E-Verify. As a Federal Contractor NRECA is required to participate in the E-Verify Program to confirm eligibility to work in the United States. For information please click on the following link: E-Verify.
For more information about life at NRECA please visit .
Required Experience:
Director
Employment Type
Full-Time
