I'm seeking an experienced Director of Cybersecurity Risk Management to oversee and enhance an enterprise cyber risk program.
This pivotal role involves building and managing a team to develop the cybersecurity risk practice, third-party risk management, security assessments, control frameworks, policies, and performance metrics. You'll be a key advisor to IT and business leaders, shaping a multi-year roadmap to address emerging threats.
Location: MD
Compensation: $150k-215k
Benefits Include
Comprehensive medical, Rx, dental, and vision coverage
401(k) with employer match
Critical illness and accident insurance
Life insurance, short- and long-term disability
Job Requirements
Develop and implement comprehensive cybersecurity frameworks (e.g., NIST CSF).
Lead the creation of cybersecurity policies, standards, and procedures.
Oversee security assessments, risk prioritization, and mitigation strategies.
Manage and expand GRC platform capabilities for risk tracking and documentation.
Govern third-party cyber risk management in collaboration with key stakeholders.
Partner with Internal Audit for compliance and risk mitigation.
Stay ahead of cyber trends, regulations, and best practices.
Expertise
10+ years of cybersecurity experience
Certifications such as CISSP, CISM, or CRISC are highly desirable.
Expertise in frameworks like NIST CSF, PCI, HIPAA, and SOX compliance.
Hands-on experience with GRC tools (e.g., ServiceNow, Archer).
Strong communication skills for engaging technical and non-technical audiences.
This is preferably a hybrid role out of Maryland, with potential for remote work with the right candidate.