Director, Cybersecurity Due Diligence – Assessments
Missouri, United States of America
Full Time
1 week ago
$126,710 - $188,840 USD
No Visa Sponsorship
Key skills
CloudCyber SecurityFirewallsIAMSSOProject ManagementRisk ManagementStrategic PlanningCommunicationCritical Thinking
About this role
Role Overview
- Works as a part of the Global Security Office (GSO) to lead and influence initiatives pertaining to security governance, security risk management reporting, and cybersecurity risk assessments.
- This role requires excellent people, communication and soft skills to maintain strong global business relationships while promoting GSO services and engagement.
- This role is responsible for continuously driving team innovation and improvements in all aspects of services being provided by the GSO.
- Manages a team to ensure timely and effective risk management reporting, maintain the security risk register, and escalate newly identified risks in alignment with established risk thresholds, appetite, and rating methodologies.
- Oversees process to evaluate the security risks associated with vendors and suppliers.
- Facilitates cross-functional review of findings and determine a proper risk-based outcome and resource availability for management response of remediation activities and timelines.
- Adhere to risk management framework and adoption of improvements supporting continuous program maturity.
- Oversees technical security assessments and other control validation activities, ensuring results are accurately interpreted, risk-rated, and integrated into the security risk management process.
- Manages, mentors, and directs activities of associates within the department and performs supervisory duties including but not limited to, hiring, training, evaluating, and coaching of direct reports.
- Leads the development and implementation of cyber security risk management initiatives and maintain technical security expertise to properly evaluate risks.
- Participate in GSO's governance processes and process improvement workshops.
Requirements
- 5+ Years progressive professional experience evaluating, delivering, and/or managing in a complex IT environment(s)
- Required.
- 7+ Years professional experience including 7 years working in a complex, global corporation
- Required.
- Advanced understanding of IT domains: infrastructure, networking, storage, databases, operating systems, cloud, applications, etc.
- Required.
- Advanced understanding of security technologies and domains, including: SSO, IAM, DLP, EDR, SIEM, firewalls, gateways, IDS/IPS, CASB, SSDLC, cryptography, PKI, etc.
- Required.
- Advanced understanding of security technologies, frameworks/standards (e.g., NIST CSF, NIST 800-53, ISO/IEC 27001, NIST 800-30, ISO/IEC 27005, etc.), and risk management methodologies.
- Required.
- Strong ability to make timely and effective decisions and produce results through strategic planning and the implementation and evaluation of programs and policies.
- Required.
- Strong project management skills. Demonstrates ability to evaluate project objectives and scope feasibility, gain understanding, schedule resources, and manage budget to plan.
- Required.
- Strong analytical, critical thinking and decision-making skills and excellent written and verbal communication skills. Manages a generally homogeneous team; adapts plans and priorities to meet service and/or operational changes.
- Required.
- Ability to quickly learn and understand the business of RGA. Previous experience as a Security Risk Analyst, Systems Administrator, IT Auditor, Developer, Security Engineer, Penetration Tester, Cloud Engineer.
- Required.
Tech Stack
- Cloud
- Cyber Security
- Firewalls
Benefits
- Annual bonus plan
- Long-term equity incentive plan
- Full range of health benefits
- Retirement plans