Director, Compliance and Business Office

JOB DESCRIPTION:

THE OPPORTUNITY:

This position works out of our Lake County Illinois Minneapolis/St Paul Minnesota or Chicago IL locations for the Business Technology Services group. The Director Business Office and Compliance

is responsible for working with leadership to maintain and improve the companys approach to apply and adhere to controls and protections. The Director Business Office and Compliance leads a team of subject matter experts charged with verifying and driving the effectiveness of Abbotts cybersecurity requirements.

What youll work on

• Oversee and lead both operational excellence and improvements in existing programs and tailored compliance assessments (PCI SOx SWIFT ISO27001). These programs and processes must drive to timely remediation of any improvements noted via process leadership dashboards and other mechanisms.
• Design and direct robust processes to drive additions to second line of defense and oversight mechanisms for controls via new GRC functionality including implementation of:
  • Control attestations
  • Testing procedures
  • Indicators
  • Automation of controls oversight
• Serve as audit liaison to various internal and external audit stakeholder groups helping support the teams in understanding the complex business environment.
• Provide subject matter expertise and assistance to stakeholders advising on the most effective and efficient controls application strategy
• Effectively communicate risk-related concepts to stakeholders with the ability to simplify the complex.
• Attract and retain talent and ensure staff development (leadership cross-functional technical global perspective).
• Manage an operating budget and project spend with financial discipline.
• Establish and maintain a resource model that can flex as needed to support controls testing rollouts and/or special initiatives.
• Build and maintain relationships necessary for the successful execution of the cybersecurity controls compliance and oversight program.
• Drive and oversee cyber project governance and portfolio management ensuring alignment with strategic objectives resource optimization and adherence to standardized methodologies across all initiatives.
• Manage business operations and financial oversight including budgeting forecasting vendor management and performance reporting to support organizational efficiency across the cyber organization.

Required Qualifications

• Bachelors Degree in Information Security Risk / IT Management Computer Science Computer Engineering related field or commensurate experience
• Minimum 10-12 years of experience in governance risk or compliance
• Experience in leading a team
• Strong analytical skills business intelligence effective communication interpersonal skills organizational intelligence relationship management the ability to make meaningful decisions based on sound judgement
• The ability to work effectively with a variety of roles from Executive Management to Analysts
• Strong understanding of risk management programs and their interactions with internal and external stakeholders

Preferred Qualifications

Certifications such as CISA CISM CRISC CISSP are preferred Knowledge of national and international regulatory and compliance frameworks such as NIST Cybersecurity Framework ISO 27001 EU DPD HIPAA/HITECH Experience in medical device or life sciences industries or other highly regulated environments

The base pay for this position is

In specific locations the pay range may vary from the range posted.

JOB FAMILY:

DIVISION:

LOCATION:

ADDITIONAL LOCATIONS:

WORK SHIFT:

TRAVEL:

MEDICAL SURVEILLANCE:

SIGNIFICANT WORK ACTIVITIES:

Director