4,841 Cybersecurity Director jobs in the United States

BISO Cybersecurity Director

30009 Alpharetta, Georgia ABM Industries

Posted 2 days ago

Job Description

**Overview**
ABM (NYSE: ABM) is a leading provider of facility solutions with revenues of approximately $6.4 billion and over 130,000 employees in 300+ offices deployed throughout the United States and various international locations. ABM's comprehensive capabilities include electrical & lighting, energy solutions, facilities engineering, HVAC & mechanical, janitorial, landscape & turf, mission critical solutions and parking, provided through stand-alone or integrated solutions.
ABM is currently seeking a highly motivated and experienced **Cybersecurity Director, BISO (Business Information Security Officer)**.
This role will serve as a senior leader within the Information Security team reporting directly to the Senior Vice President, Chief Information Security Officer. The business information security officer (BISO) serves as a trusted security advisor to lines of business. The BISO understands security risks and technologies and is able to effectively communicate them to business units. The BISO works in tandem with the business across multiple services and platforms to address risk, while advising business leaders to ensure they are making decisions with security in mind. The BISO is an advanced role supporting the cybersecurity program. This individual provides leadership, executive support, and strategic and tactical guidance for a world-class cybersecurity program supporting enterprise security initiatives. As a business enabler, the BISO is an effective communicator with the technical aptitude to drive security fundamentals into aspects of the business.
The BISO must be capable of working closely with senior management, third parties, project managers and business subject matter experts (SMEs). Additionally, the BISO must be personable and able to translate cybersecurity issues to business leader initiatives. The BISO must have a technical background and be able to understand technologies, their purpose, and their security requirements and data protection needs, wherever they reside. BISOs should also understand threats, as well as risk mitigations and technical controls recommended by security leaders.
**Responsibilities:**
In the role of the **Cybersecurity Director, BISO** you will also hold more general responsibilities, such as:
+ Serve as a trusted advisor with business unit leadership.
+ Act as a liaison to ensure cybersecurity practices are built into business unit initiatives for the entire lifecycle.
+ Act as a trusted point of contact across business units.
+ Work closely with security leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure.
+ Be actively informed and engaged in security projects across the business.
+ Provide disaster recovery and business continuity planning advice when working with leaders for business and cybersecurity resiliency.
+ Enforce the strong security culture set forth by the CISO, ensuring uniformity across security leadership, business units and employees.
+ Foster strong relationships with internal business units and excel in cybersecurity communication.
+ Advise business units on enterprise-wide people, process and technology security recommendations.
+ Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.
+ Ensure business projects are focused on cybersecurity from the beginning.
+ Identify and document threats and vulnerabilities that may impact the business and address them regularly with business units.
+ In conjunction with security and business leaders, define key performance indicators (KPIs) and metrics aligning with business initiatives and deliver them to non-technical teams in terms that are accessible and comprehensible.
+ Provide motivation to business units to adopt cybersecurity controls.
+ Remove complexity and obstacles that hinder efficient security controls enterprise-wide.
+ Build relationships with business units to deliver security-by-design controls incorporated into projects, architecture, infrastructure and applications.
+ Stay abreast of new laws, regulations and standards, and assess their impact to the business.
+ Verify security content training initiatives and internal/external communication are conducted regularly.
+ Openly support the CISO, management team and executive leadership, even during tumultuous times.
+ Perform other duties as assigned.
**Required Qualifications:**
+ Bachelor's Degree in Business, Computer Science, Information Security, or related field from an accredited college
+ Minimum of 15(+) years of work experience with a minimum of 10 in Information Technology; with increasing level of responsibility in an organization with similar operational scale and geographic footprint with at least 5+ years in an operationally focused security practitioner role.
+ At least 3 years' experience working with business leadership and enterprise projects.
+ Strong written and verbal communication skills across all levels of the organization.
+ Capable of working with diverse teams and promoting an enterprise-wide positive security culture.
+ High level of integrity, trustworthiness and confidence, and able to represent the company and security leadership with the highest level of professionalism.
+ Adept at understanding business focus and processes and ability to inject cybersecurity into the business through teamwork and influence.
+ Strong project management, multitasking and organizational skills.
+ Ability to work effectively with diverse teams and varying personalities, and adapt management style to effectively reach mutually beneficial outcomes.
+ Able to attain and preserve credibility with the team through sustained industry knowledge.
+ Able to motivate the team to achieve excellence, and give credit and recognition where it is due.
+ Applicable knowledge of national and global cybersecurity policies, regulations and security frameworks.
+ Demonstrated understanding and comprehension of a wide range of cybersecurity solutions.
+ Experience working with information security management, information management, information systems, legal, compliance, and data governance and/or risk management.
+ Familiarity with and knowledge of relevant legal and regulatory requirements such as SOX, HIPAA, CCPA, and GDPR.
+ In-depth knowledge of information risk concepts/related business needs to security controls.
+ Understanding of Cloud Computing.
+ Knowledge in security controls frameworks design, application, and testing.
+ Multi-task orientation to handle multiple competing tasks at once while remaining flexible to changing requirements and priorities.
+ Substantial tactical planning capabilities including analytical and innovative thinking.
+ Excellent interpersonal and communication capabilities essential given diverse nature of operating landscape and cultural sensitivities.
+ Must operate with a high degree of integrity and will be expected to work on confidential projects.
+ Strong communications skills (both verbal and written English) required.
+ Must manage ambiguity, resolve urgent and competing demands, and go above-&-beyond to deliver outcomes.
+ Must have measured courage to say "no," to focus on key priorities.
+ Strong ability to think creatively when approaching issues.
+ Strong critical thinking and problem-solving skills.
+ Ability to think strategically and innovatively, including a demonstrable capacity to proactively identify and respond to relevant IT Risk related issues of both long-term and immediate importance to the Company.
+ Exceptionally self-motivated, directed and detail oriented.
+ Strong level of experience using the MS suite of Products.
+ Ability to establish credibility and working relationships with a wide range of corporate personnel, including operations, management, executive and legal staff as well as external personnel, including auditors and regulators.
+ Self-starter that can work efficiently both independently and with teams.
**Preferred Qualifications:**
+ A Master's degree from an accredited college or university
+ One or more of the following additional Information Security certifications are preferred: ITIL, CISA, CISM, GMON, CISSP, GSNA, CRISC, GSE, CCSP, CHFI.
**Benefit Information:**
ABM offers a comprehensive benefits package. For information about ABM's benefits, visit:
ABM Employee Benefits | Staff & Management
ABM is proud to be an Equal Opportunity Employer and considers qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran or any other protected factor under federal, state, or local law. ABM is committed to working with and providing reasonable accommodation to individuals with disabilities. If you have a disability and need assistance in completing the employment application, please call . We will provide you with assistance and make a determination on your request for reasonable accommodation on a case-by-case basis.

Information Security Management System Lead

80238 Denver, Colorado Generac Power Systems

Posted 1 day ago

Job Description

**We are Generac, a leading energy technology company committed to powering a smarter world.**
Over the 60 plus years of Generac's history, we've been dedicated to energy innovation. From creating the home standby generator market category, to our current evolution into an energy technology solutions company, we continue to push new boundaries.
The ISMS Lead coordinates and maintains the daily operations of the Information Security Management System (ISMS) Program, ensuring compliance with ISO27001 and alignment with Generac's broader cybersecurity and compliance frameworks. The ISMS Lead is the central point of contact for cross-functional control owners, capability teams, and audit stakeholders, supporting evidence collection, risk and control tracking, and the orchestration of ISMS-related deliverables across both internal ISMS assessments and external ISO27001 audits.
The ISMS Lead drives operational excellence through governance coordination, audit readiness, and performance monitoring. This includes facilitating working groups, tracking the Statement of Applicability (SoA), risk register updates, and corrective action plans. The role supports both corporate and subsidiary teams in implementing and sustaining ISMS requirements, helping to foster a culture of compliance and continuous improvement across the organization.
**Major Responsibilities**
+ Coordinates the day-to-day operations of the Information Security Management System (ISMS), ensuring alignment with ISO27001 and Generac's unified governance and compliance frameworks
+ Maintains the GRC platform, supporting timely delivery of compliance activities across policy owners, control implementers, and evidence contributors
+ Facilitates internal ISMS assessments, committee meetings, and working group sessions by preparing agendas, tracking action items, and reporting compliance progress
+ Supports capability teams, subsidiaries, and control owners by clarifying implementation expectations, audit documentation needs, and evidence quality standards
+ Tracks and manages the lifecycle of risks, controls, and corrective actions, including updates to the risk register and the Statement of Applicability (SoA)
+ Coordinates ISMS readiness efforts in preparation for external ISO27001 audits or other applicable certification assessments
+ Develops and refines ISMS-related documentation, including procedures, guidelines, control narratives, and support materials
+ Maintains dashboards and performance metrics related to audit readiness, non-conformity closure, and risk treatment activities
+ Identifies bottlenecks, overdue tasks, and control misalignments, escalating as needed to the IT GRC Capability Manager or Director of InfoSec
+ Ensures consistent version control, evidence traceability, and document quality across all submissions in support of audits or assessments
+ Collaborates with Capability Teams and subsidiaries to ensure control implementation aligns with policy and framework expectations
+ Monitors developments in ISO27001:2022, privacy regulations, and industry best practices to continuously improve the ISMS model and processes
+ Supports onboarding and enablement of new ISMS participants, including training on stakeholder roles, tool usage, and evidence responsibilities
+ Coordinates internal evidence gathering for ISMS assessments and external audits, including document requests, stakeholder interviews, and audit walkthrough preparation
**Minimum Job Requirements**
**Education**
+ Bachelor's Degree with Information Technology focus, or equivalent experience
**Work Experience**
+ 5 years' experience in Information Security Management Systems or Cyber Security.
+ Proven experience supporting or coordinating ISO27001 compliance or certification efforts.
+ Experience working within a multi-framework compliance program (e.g., ISO27001, NIST, SOC 2, PCI, GDPR).
+ Understanding of risk assessment methodologies, control mapping, and evidence management practices.
+ Experience with GRC platforms, able to apply prior learnings to new GRC tools.
+ Experience with cross functional coordination, providing guidance to teams across IT and business functions
**Knowledge / Skills / Abilities**
+ Familiarity with cloud service models and control responsibilities in SaaS/PaaS/IaaS environments
+ Strong coordination, documentation, and communication skills for multi-stakeholder collaboration
+ Familiarity with unified control framework initiatives or crosswalks across security and privacy standards
+ Understanding of how compliance maps to internal business processes and capability team structures
+ Ability to coordinate evidence requests, policy updates, and SoA changes in a dynamic environment
+ Experience maintaining compliance metrics, dashboards, or remediation tracking reports
+ Knowledge of key control areas such as access control, data protection, vulnerability management, and incident response
**Preferred Job Requirements**
**Certification / License**
+ Certifications preferred: ISO27001 Lead Implementer or Auditor, CISA, CISSP, CISM, or SCF Certified Practitioner
**Great Reasons to work for Generac**
+ Competitive Benefits: Health, Dental, Vision, 401k and many more
+ Pride! When a storm strikes, Generac employees always rise to the occasion. Each time a storm hits, many employees volunteer their time with the customer support team or on the production line, while others go right into storm-affected areas to repair generators
+ Make a positive impact. Generac has always been community-minded and dedicated to giving back. The company proudly offers a Volunteer Time Off program, inviting team members to participate in charitable volunteer opportunities on company time.
+ We're an inclusive company that celebrates differences and keeps equity and respect at the forefront.
**Compensation:** Generac is committed to fair and equitable compensation practices. The salary range for this role when based in Colorado or California is $120,000 to $150,000. This compensation will ultimately be in line with the location in which the position is filled. Final compensation for this role will be determined by various factors such as a candidate's relevant work experience, skills, certifications, and geographic location.
**Physical Demands:** While performing the duties of this job, the employee is regularly required to talk and hear; and use hands to manipulate objects or controls. The employee is regularly required to stand and walk. On occasion the incumbent may be required to stoop, bend or reach above the shoulders. The employee must occasionally lift up to 25 - 50 pounds. Specific conditions of this job are typical of frequent and continuous computer-based work requiring periods of sitting, close vision and ability to adjust focus. Occasional travel.
_"We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law."_
As one of the leaders and largest suppliers of power generation equipment and technology, the work we do touches millions of lives. Employees at Generac are encouraged to be innovative and are valued as an integral part of our global team. Our challenging goals develop knowledgeable employees dedicated to helping continue Generac's success. Generac provides individuals the opportunity to work in a fast-paced agile work environment where their work makes a difference in people's lives and their own.

Information Security Management System Lead

53189 Waukesha, Wisconsin Generac Power Systems

Posted 14 days ago

Job Description

**We are Generac, a leading energy technology company committed to powering a smarter world.**
Over the 60 plus years of Generac's history, we've been dedicated to energy innovation. From creating the home standby generator market category, to our current evolution into an energy technology solutions company, we continue to push new boundaries.
The ISMS Lead coordinates and maintains the daily operations of the Information Security Management System (ISMS) Program, ensuring compliance with ISO27001 and alignment with Generac's broader cybersecurity and compliance frameworks. The ISMS Lead is the central point of contact for cross-functional control owners, capability teams, and audit stakeholders, supporting evidence collection, risk and control tracking, and the orchestration of ISMS-related deliverables across both internal ISMS assessments and external ISO27001 audits.
The ISMS Lead drives operational excellence through governance coordination, audit readiness, and performance monitoring. This includes facilitating working groups, tracking the Statement of Applicability (SoA), risk register updates, and corrective action plans. The role supports both corporate and subsidiary teams in implementing and sustaining ISMS requirements, helping to foster a culture of compliance and continuous improvement across the organization.
**Major Responsibilities**
+ Coordinates the day-to-day operations of the Information Security Management System (ISMS), ensuring alignment with ISO27001 and Generac's unified governance and compliance frameworks
+ Maintains the GRC platform, supporting timely delivery of compliance activities across policy owners, control implementers, and evidence contributors
+ Facilitates internal ISMS assessments, committee meetings, and working group sessions by preparing agendas, tracking action items, and reporting compliance progress
+ Supports capability teams, subsidiaries, and control owners by clarifying implementation expectations, audit documentation needs, and evidence quality standards
+ Tracks and manages the lifecycle of risks, controls, and corrective actions, including updates to the risk register and the Statement of Applicability (SoA)
+ Coordinates ISMS readiness efforts in preparation for external ISO27001 audits or other applicable certification assessments
+ Develops and refines ISMS-related documentation, including procedures, guidelines, control narratives, and support materials
+ Maintains dashboards and performance metrics related to audit readiness, non-conformity closure, and risk treatment activities
+ Identifies bottlenecks, overdue tasks, and control misalignments, escalating as needed to the IT GRC Capability Manager or Director of InfoSec
+ Ensures consistent version control, evidence traceability, and document quality across all submissions in support of audits or assessments
+ Collaborates with Capability Teams and subsidiaries to ensure control implementation aligns with policy and framework expectations
+ Monitors developments in ISO27001:2022, privacy regulations, and industry best practices to continuously improve the ISMS model and processes
+ Supports onboarding and enablement of new ISMS participants, including training on stakeholder roles, tool usage, and evidence responsibilities
+ Coordinates internal evidence gathering for ISMS assessments and external audits, including document requests, stakeholder interviews, and audit walkthrough preparation
**Minimum Job Requirements**
**Education**
+ Bachelor's Degree with Information Technology focus, or equivalent experience
**Work Experience**
+ 5 years' experience in Information Security Management Systems or Cyber Security.
+ Proven experience supporting or coordinating ISO27001 compliance or certification efforts.
+ Experience working within a multi-framework compliance program (e.g., ISO27001, NIST, SOC 2, PCI, GDPR).
+ Understanding of risk assessment methodologies, control mapping, and evidence management practices.
+ Experience with GRC platforms, able to apply prior learnings to new GRC tools.
+ Experience with cross functional coordination, providing guidance to teams across IT and business functions
**Knowledge / Skills / Abilities**
+ Familiarity with cloud service models and control responsibilities in SaaS/PaaS/IaaS environments
+ Strong coordination, documentation, and communication skills for multi-stakeholder collaboration
+ Familiarity with unified control framework initiatives or crosswalks across security and privacy standards
+ Understanding of how compliance maps to internal business processes and capability team structures
+ Ability to coordinate evidence requests, policy updates, and SoA changes in a dynamic environment
+ Experience maintaining compliance metrics, dashboards, or remediation tracking reports
+ Knowledge of key control areas such as access control, data protection, vulnerability management, and incident response
**Preferred Job Requirements**
**Certification / License**
+ Certifications preferred: ISO27001 Lead Implementer or Auditor, CISA, CISSP, CISM, or SCF Certified Practitioner
**Great Reasons to work for Generac**
+ Competitive Benefits: Health, Dental, Vision, 401k and many more
+ Pride! When a storm strikes, Generac employees always rise to the occasion. Each time a storm hits, many employees volunteer their time with the customer support team or on the production line, while others go right into storm-affected areas to repair generators
+ Make a positive impact. Generac has always been community-minded and dedicated to giving back. The company proudly offers a Volunteer Time Off program, inviting team members to participate in charitable volunteer opportunities on company time.
+ We're an inclusive company that celebrates differences and keeps equity and respect at the forefront.
**Compensation:** Generac is committed to fair and equitable compensation practices. The salary range for this role when based in Colorado or California is $120,000 to $150,000. This compensation will ultimately be in line with the location in which the position is filled. Final compensation for this role will be determined by various factors such as a candidate's relevant work experience, skills, certifications, and geographic location.
**Physical Demands:** While performing the duties of this job, the employee is regularly required to talk and hear; and use hands to manipulate objects or controls. The employee is regularly required to stand and walk. On occasion the incumbent may be required to stoop, bend or reach above the shoulders. The employee must occasionally lift up to 25 - 50 pounds. Specific conditions of this job are typical of frequent and continuous computer-based work requiring periods of sitting, close vision and ability to adjust focus. Occasional travel.
_"We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law."_
As one of the leaders and largest suppliers of power generation equipment and technology, the work we do touches millions of lives. Employees at Generac are encouraged to be innovative and are valued as an integral part of our global team. Our challenging goals develop knowledgeable employees dedicated to helping continue Generac's success. Generac provides individuals the opportunity to work in a fast-paced agile work environment where their work makes a difference in people's lives and their own.

Director, Cybersecurity Architecture

54903 Oshkosh, Wisconsin Oshkosh Corporation

Posted 15 days ago

Job Description

**At Oshkosh, we build, serve and protect people and communities around the world by designing and manufacturing some of the toughest specialty trucks and access equipment. We employ over 18,000 team members all united by a common purpose. Our engineering and product innovation help keep soldiers and firefighters safe, is critical in building and keeping communities clean and helps people do their jobs every day.**
**JOB SUMMARY:**
Oshkosh Corporation owns significant assets in the form of information. Some of these assets lose substantial value if they are improperly disclosed, and similar disclosure of other assets could result in significant harm to the organization. This role will support the Global Cybersecurity Office mission by working with the business as a trusted advisor to reduce information security risks to acceptable levels.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
These duties are not meant to be all-inclusive and other duties may be assigned.
+ Direct the activities of the Cybersecurity Architecture team, responsible for enterprise security architecture, secure solution design, and OT cybersecurity
+ Contribute to the development, maintenance, and execution of the Cybersecurity strategy by providing thought leadership on all aspects of Cybersecurity. Partner with business leadership to align and integrate cybersecurity and business strategies.
+ Advocate for security policy compliance and risk mitigation during planning sessions and implementation of new services, applications and platforms, and oversee projects and technical implementation as needed.
+ Provide leadership support of security audits, assessments, contractual requirement analyses, and forensic investigation activities.
+ Monitor compliance with existing security policies and propose changes to improve operating efficiency, regulatory alignment and risk mitigation.
+ Coordinate with business teams (e.g. IT, HR, Engineering) to establish plans to mitigate new cyber risks associated with new business activities. Partner closely with business leadership to effectively communicate alternatives and risk mitigation recommendations.
+ Manage a staff of information security professionals, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members.
**MINIMUM QUALIFICATIONS:**
+ Bachelor's degree in Information Systems, Management or equivalent.
+ Ten (10) or more years of Information Security/Cybersecurity experience.
+ Five (5) or more years of Information Security/Cybersecurity management experience.
+ Ability to travel 10% of time.
**PREFERRED QUALIFICATIONS:**
+ Graduate degree in Information Systems, Management or equivalent.
+ Relevant industry recognized certifications (CISSP, CISM, CEH, GIAC, Security+, etc.).
+ Ability to interact with company personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives.
+ Strong understanding of the business impact of security tools, technologies and policies.
+ Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
+ Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, management and business personnel.
+ Hold an active U.S. Government Secret level clearance.
+ Experience with project management, audit, defense-in-depth security systems, incident response, vulnerability management, IT infrastructure, regulatory laws/framework.
**BASIC COMPETENCIES:**
+ **Internal Contacts:** Contact with employees or others primarily at a routine level involving basic information exchange; Contact with peers and others involving explanation of information (these contacts may be within or outside department or division), and the gathering of factual information; may include the communication of sensitive or confidential information; Contact across departments or divisions with employees involving persuasion of others, absent formal authority, to conform to a policy interpretation or recommend course of action.
+ **External Contacts:** External contact involving a requirement to maintain a continuing external working relationship with individuals or organizations.
+ **Communication Skills:** Read, write and comprehend simple instructions, short correspondence and memos; Read and interpret safety rules, operating/maintenance instructions and procedure manuals; Write routine reports, correspondence and speak effectively before both internal and external groups; Read, analyze, and interpret business manuals, technical procedures and/or government regulations; Read, analyze, and interpret scientific and technical journals, financial reports and legal documents; Prepare and/or present written communications that pertain to controversial and complex topics. Language Skills: English.
+ **Decision-Making:** Significant responsibility for decisions and final results, affecting more than one function or a function with multiple units. Substantial analysis is required and many factors must be weighed before a decision can be reached.
+ **Complexity, Judgment and Problem Solving:** Work requires the ability to plan and perform work in light of new or constantly changing problems, work from broad instruction, and deal with complex factors not easily evaluated. Decisions require considerable judgment, initiative, and ingenuity in areas where there is little precedent.
+ **Supervisory/Managerial:** Scheduling, supervision, and evaluation of work as a superior of "managers". Administers through subordinate managers, function multi-functional duty programs or operations.
**WORKING CONDITIONS:**
+ **Physical Demands:** Frequent Sitting, Hearing, Talking, Visual, Typing, and Manual Dexterity.
+ **Non-Physical Demands:** Frequent Analysis/Reasoning, Communication/Interpretation, Math/Mental Computation, Reading, Sustained Mental Activity (i.e., auditing, problem solving, grant writing, composing reports, etc.), and Writing.
+ **Environmental Demands:** Occasionally Works Alone.
+ **Work Schedule:** Routine shift hours. Infrequent overtime, weekend, or shift rotation.
+ **Demands/Deadlines:** High volume and variable work demands and deadlines impose strain on routine basis or considerable stress intermittently; OR regular direct contacts with distressed individuals within the immediate work environment; and/or exposure to demands and pressures from persons other than immediate supervisor.
**Pay Range:**
$151,400.00 - $272,600.00
The above pay range reflects the minimum and maximum target pay for the position across all U.S. locations. Within this range, individual pay is determined by various factors, including the scope and responsibilities of the role, the candidate's experience, education and skills, as well as the equity of pay among team members in similar positions. Beyond offering a competitive total rewards package, we prioritize a people-first culture and offer various opportunities to support team member growth and success.
Oshkosh is committed to working with and offering reasonable accommodation to job applicants with disabilities. If you need assistance or an accommodation due to disability for any part of the employment process, please contact us at
Oshkosh Corporation is a merit-based Equal Opportunity Employer. Job opportunities are open for application to all qualified individuals and selection decisions are made without regard to race, color, religion, sex, national origin, age, disability, veteran status, or other protected characteristic. To the extent that information is provided or collected regarding categories as provided by law it will in no way affect the decision regarding an employment application.
Oshkosh Corporation will not discharge or in any manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with Oshkosh Corporation's legal duty to furnish information.
Certain positions with Oshkosh Corporation require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.

Division Director, Cybersecurity

08110 Pennsauken, New Jersey BAYADA Home Health Care

Posted 16 days ago

Job Description

**POSITION SUMMARY:**
The Division Director, Cybersecurity, is a critical and trusted leadership role, responsible for leading, formulating, and expanding our cybersecurity strategy in alignment with our mission and long-term goals. This role is responsible for the development and implementation of enhanced security measures to protect data, systems, and infrastructure. The Division Director, Cyber Security, is responsible for managing responses to cyber security incidents, ensuring threats are managed effectively and appropriately to protect data and reputation.
**MINIMUM QUALIFICATIONS:**
+ Exemplifies characteristics of The BAYADA Way: compassion, excellence and reliability.
+ Four (4) year college degree. Advanced degree preferred.
+ Ten (10) years of progressive experience leading and transforming security and technology teams in a growth oriented environment.
+ Five (5) years of experience leading AI-driven cybersecurity projects and teams.
+ CISSP preferred but not required.
+ Demonstrated record of strong interpersonal skills and building relationships.
+ Demonstrated record of goal achievement and exceeding performance standards.
+ Demonstrated ability to lead people and get results through others.
+ Demonstrated understanding of network and systems security, cloud security, and machine learning algorithms.
+ Experience managing large-scale incident response.
+ Demonstrated experience in implementing Data Loss Prevention capabilities, closing gaps in detection and monitoring, and adoption of quantitative risk management approach for better decision making.
+ Experience eliminating technical debt that exposes security vulnerabilities, such as end-of-life systems.
+ Experience running training & awareness sessions, desktop simulations with red team/blue teams, and employee empowerment through targeted role-based risk training.
+ Detailed understanding of HIPAA, NIST & HITRUST frameworks.
+ Experience setting up Managed SOC detection & response services, Security Info Event Management, and supporting forensic analysis.
+ Experience with Zero Trust models preferred but not mandatory.
+ Experience with the implementation of an AI-driven threat detection platform is an added plus.
+ Experience with cloud security (AWS, Azure, GCP) and securing SaaS platforms.
+ Exceptional organizational skills and problem-solving abilities.
+ Proven ability to manage high-pressure situations with professionalism and discretion.
+ Strong relationship-building skills to promote collaboration and drive successful outcomes.
+ Proficiency in various technical platforms and the ability to swiftly learn new tools.
+ Strong communication and customer service skills.
+ Proven ability to communicate complex security topics effectively to executive and non-technical stakeholders.
+ Excellent organizational skills and strong attention to detail.
+ Understands and connects with the BAYADA Home Health Care culture.
+ Ability to read, write and effectively communicate in English.
**TRAINING AND CERTIFICATIONS:**
Professional certifications such as CISSP, CISA, or equivalent are strongly preferred.
**PRIMARY RESPONSIBILITIES:**
+ Demonstrate and communicate the core values of BAYADA and The BAYADA Way.
+ Develop working knowledge of BAYADA's mission, services, people, organization, policies and procedures.
+ Model, uphold, and communicate BAYADA's core values and The BAYADA Way in all strategic, operational, and team initiatives.
+ Foster and sustain a culture of teamwork, innovation, integrity, and continuous improvement across all cybersecurity operations.
+ Develop, implement, and continually evolve a best-in-class, organization-wide cybersecurity strategy tightly aligned to BAYADA's mission, regulatory requirements, and strategic priorities.
+ Serve as a trusted advisor to executive leadership, providing insightful guidance on emerging threats, organizational resilience, preparedness, and cyber risk.
+ Identify, assess, and proactively manage cyber risks impacting BAYADA's clients, workforce, operations, and AI-powered solutions.
+ Lead the development and execution of comprehensive security measures to protect sensitive data, information systems, and AI assets, ensuring privacy and robust compliance.
+ Oversee the Security Operations Center, directing incident response, event reporting, investigation, and coordinated resolutions that minimize business disruption.
+ Ensure streamlined, high-performing operations for threat intelligence, vulnerability management, penetration testing, and ongoing risk assessments.
+ Collaborate closely with compliance, legal, enterprise architecture, data, IT, and external partners to address privacy and regulatory requirements.
+ Work in concert with technology and cloud providers to embed security by design in data centers, multi-cloud environments, and care locations.
+ Advance the responsible adoption of automation and infrastructure-as-code to drive agility, efficiency, and resilience in security posture.
+ Champion the integration of machine learning and AI, enabling real-time threat detection, behavior analytics, and proactive defense in care and home health environments.
+ Ensure ethical governance of AI systems within cybersecurity, maintaining compliance and high standards of integrity.
+ Lead the development, implementation, and ongoing improvement of security awareness programs to inform BAYADA's workforce about cyber risks and best practices.
+ Promote a culture where every teammate is empowered as a guardian of digital trust, inspiring gratitude and vigilance across the organization.
+ Establish, monitor, and report on service level agreements and key performance indicators (KPIs) to sustain high standards in cyber defense, operational efficiency, and compliance (including HIPAA, HITRUST, and industry-relevant frameworks).
+ Guide and support regular security audits, compliance reviews, and organizational reporting.
+ Build, mentor, and empower a high-performing cybersecurity team, supporting professional growth, specialized training, and well-being.
+ Strategically manage resource allocation, budgeting, vendor relationships, and contract negotiations to maximize security investment and service excellence.
+ Lead long-term infrastructure planning for cybersecurity to support BAYADA's digital transformation, scale, and evolving technology portfolio.
+ Remain at the forefront of healthcare IT trends, emerging risk landscapes, and innovative technologies, ensuring BAYADA's security program sets benchmarks for excellence.
+ Demonstrate solid performance or exceed performance standards in key job dimensions/attributes as defined on the Performance Appraisal for Office Staff.
+ Perform related duties and special projects as required or requested by supervisor, demonstrating flexibility, gratitude, and unwavering commitment to BAYADA's community and a future defined by secure, compassionate care.
**OTHER RESPONSIBILITIES:**
+ Complete special projects or other assignments as requested
+ Demonstrates professional work behaviors such as professionalism and confidentiality.
+ Seek learning opportunities around programs that affect professional and/or personal growth.
**WHY CHOOSE BAYADA?**
+ Base Pay: $220,000-$275,000 per year, depending on qualifications, plus opportunity for bonus
+ BAYADA offers a comprehensive benefits plan that includes the following: Paid holidays, vacation and sick leave, vision, dental and medical health plans, employer paid life insurance, 401k with company match, direct deposit and employee assistance program
+ To learn more about BAYADA Benefits, click here.
**As an accredited, regulated, certified, and licensed home health care provider, BAYADA complies with all state/local mandates.**
BAYADA is celebrating 50 years of compassion, excellence, and reliability. Learn more about our 50th anniversary celebration and how you can join in here.
BAYADA Home Health Care, Inc., and its associated entities and joint venture partners, are Equal Opportunity Employers. All employment decisions are made on a non-discriminatory basis without regard to sex, race, color, age, disability, pregnancy or maternity, sexual orientation, gender identity, citizenship status, military status, or any other similarly protected status in accordance with federal, state and local laws. Hence, we strongly encourage applications from people with these identities or who are members of other marginalized communities.

Audit Director -Cybersecurity

10176 New York, New York SMBC

Posted 16 days ago

Job Description

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.
In the Americas, SMBC Group has a presence in the US, Canada, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.
The anticipated salary range for this role is between $190,000.00 and $225,000.00. The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.
**Overview**
SMBC is seeking an experienced Audit Director with a minimum of 10 years' experience in the banking and finance/technology industry to conduct audit coverage for the firm's cybersecurity and other related technology controls. Reporting to the Cybersecurity Audit Team Head, the Audit Director will be responsible for (i) conducting cybersecurity and other related technology audits, ensuring work is performed in accordance with IIA standards and Internal Audit Department (IAD) policies and procedures, and (ii) supporting the Cybersecurity Audit Team Head in the execution of their duties. In addition, they will (i) support IAD Management team in helping to identify areas of coverage for planning, development, implementation, and maintenance of an internal audit program covering cybersecurity and technology related areas across the Americas Division and (ii) conduct regular continuous monitoring activities covering cybersecurity and technology related risks and related processes and controls within a prescribed timeframe.
When acting as the Auditor in Charge, the individual will be assigned an audit team (2-4 individuals from both the North America and EMEA IT Audit teams) depending on the size and complexity of the audit.
**Role Responsibilities**
+ Conduct regular audits of cybersecurity and technology related areas assessing adherence to firm and regulatory requirements and assessing design, operating effectiveness and sustainability of associated controls.
+ Create audit issues and reports that clearly articulate results, conclusions and recommendations for review with senior audit management and auditees.
+ Challenge the ongoing coverage of cybersecurity and technology related areas and present ideas for improvement.
+ Facilitate risk issue tracking to promote timely remediation.
+ Track and validate closure of issues raised by IAD, external auditors, regulators, and self-identified by stakeholders, including recommending additional actions when necessary.
+ Work collaboratively with colleagues and auditees to identify risk concerns and agree reasonable solutions.
+ Forge strong partnerships with colleagues in other technology and control functions including legal, compliance, data security and risk management to promote front-to-back collaboration across risk assessment and findings remediation.
+ Partner with audit colleagues in other business verticals and/or geographies to share best practices and drive greater consistency.
+ Seek out opportunities to engage with stakeholders outside of formal audit periods to drive deeper relationships.
+ Stay up-to-date with evolving industry/regulatory changes impacting the business and participate in appropriate control forums.
+ Conduct regular Continuous Monitoring activities and auditable entity updates.
+ Recognize the confidential nature of IAD communications and access to information; exercise discipline in protecting the confidentiality and security of information in accordance with IAD policies and procedures.
**Qualifications and Skills**
+ Minimum of 10 years of Cybersecurity/audit experience in the banking and/or technology industry.
+ Knowledge and experience in various Technology and Cybersecurity domains, e.g., Identity and Access Management, Vulnerability Management, etc.
+ Knowledge of cybersecurity related risks (i.e., Governance, Identify, Protect, Detect, Respond, Recover, Supply Chain, and Demand Management).
+ Knowledge of industry relevant standards (e.g., NIST, CRI) and related regulatory expectations (e.g., NYS DFS 500, FFIEC).
+ Knowledge of audit techniques, risk and internal controls assessment, and workpaper standards. Ability to manage and execute audits, from planning to audit closing.
+ Strong strategic thinking skills including the ability to identify and assess technology related risks.
+ Ability to act as trusted advisor to senior management using discretion and sound judgment in identifying, analyzing, and reporting results.
+ Excellent communication (both verbal and written), presentation and professional skills including the ability to interact effectively at all levels within the organization.
+ Enthusiastic and self-motivated, effective under pressure and willing to take personal responsibility/accountability.
+ Bachelor's Degree in Information Technology, MIS, Finance, or related field. Advanced degree is a plus.
+ Working knowledge of Microsoft Office Suite (Outlook, Excel, Word, PowerPoint).
SMBC's employees participate in a Hybrid workforce model that provides employees with an opportunity to work from home as well as from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process. Hybrid work may not be permitted for certain roles, including, for example, certain FINRA-registered roles for which in-office attendance for the entire workweek is required.
SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at

Director, Cybersecurity Transformation

77001 Houston, Texas Hewlett Packard Enterprise Company

Posted 6 days ago

Job Description

Permanent

This role has been designed as 'Hybrid' with an expectation that you will work on average 2 days per week from an HPE office.

Who We Are:

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world. Our culture thrives on finding new and better ways to accelerate what's next. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.

Job Description:

About our cybersecurity team

Are you ready to make an impact at one of the world's leading tech companies? At HPE, our Cybersecurity team is shaping the future of secure innovation. We're looking for an experienced Director, Cybersecurity Transformation to join our Cybersecurity team. If you're passionate about cybersecurity and ready for your next challenge, we'd love to hear from you.

About the Role

We are seeking a skilled and motivated leader to serve as Director, Cybersecurity Transformation. This role, reporting directly to the Vice President of the Office of the CISO, will be a key partner to senior leadership in strengthening HPE's cybersecurity posture through continuous improvement, transformation, and the successful delivery of complex programs.

This leader will be responsible for managing a portfolio of large-scale cybersecurity transformation programs and inspiring cross-functional teams to achieve ambitious goals. The ideal candidate will excel at partnering across functions and business units, influencing senior executives, and leading teams to deliver measurable business value.

The ideal leader will bring extensive expertise in program management, leadership in technology-driven initiatives, and a modern approach that combines deep cybersecurity knowledge with agile methodologies and disciplined execution.

Success in this role requires meticulous organization, crisp communication and a methodical approach to measurable risk reduction. Impact is achieved through phased delivery, breaking down complex work into manageable increments that produce early wins and build momentum for lasting adoption.

Transformation Leadership

  • Drive Transformational Change: Lead the planning, execution, and successful delivery of complex, large-scale transformation programs
  • Champion Change: Foster a culture of continuous improvement, innovation, and agility by driving the adoption of new processes, tools, and mindsets across the organization.
  • Ensure Value Realization: Establish and oversee frameworks for tracking and measuring the impact of transformation initiatives, ensuring a clear return on investment.

Program Management Office (PMO) Leadership
  • Portfolio Oversight: Provide executive oversight for the full portfolio of cybersecurity programs, ensuring alignment with strategic objectives and driving data-driven prioritization and resource allocation.
  • Financial Management: Project and forecast budgets via rigorous financial planning and oversight.
  • Transparency: Implement a robust governance framework to ensure accountability and transparency, with regular portfolio reporting to executive leadership.

Team and Stakeholder Leadership

  • Lead a High-Performing Team: Recruit, mentor, and lead a world-class cybersecurity transformation and program delivery team. You will lead internal and external resources, including technical PMs.
  • Cultivate Global Relationships: Build and maintain strong global relationships with senior and executive management, as well as stakeholders across the organization, from the C-suite to frontline teams.
  • Drive Consensus and Resolution: Influence, negotiate, and build consensus to drive success, stepping in to mediate critical escalations and driving alignment.

Skills and Competencies

  • Inspiring Leadership: Ability to motivate teams to achieve ambitious goals, solve complex problems and to navigate organizational challenges.
  • Strategic and Business Acumen: Strong understanding of business principles, financial management, and the ability to align program execution with long-term business objectives and critical business success factors.
  • Exceptional Communication: Outstanding interpersonal and communication skills; able to articulate a clear vision and influence at all levels.
  • Cybersecurity Knowledge: Deep understanding of the cybersecurity landscape, key threats, technologies, and regulatory frameworks.
  • Change Leadership: Demonstrated ability to drive adoption of new ways of working and embed lasting cultural change.

Qualifications and Experience

  • Experience: 10+ years in program and portfolio management, including 7+ years in senior leadership roles within large, global organizations. Significant, direct experience in cybersecurity is required.
  • Proven Track Record: Demonstrated success delivering complex transformation programs with multi-million-dollar budgets and high organizational impact.
  • Leadership Expertise: Proven ability to build and scale high-performing teams with strong strategic impact.
  • Education: Bachelor's degree in Business, Strategy, or a related field; Master's degree (MBA or equivalent) strongly preferred.
  • Certifications: PMP, PgMP, Agile Project Management, and/or relevant cybersecurity certifications (e.g., CISSP, CISM) are highly desirable.

Additional Skills:

Accountability, Action Planning, Active Learning, Active Listening, Agile Methodology, Bias, Business, Coaching, Creativity, Critical Thinking, Cybersecurity, Data Analysis Management, Data Collection Management, Data Controls, Design Thinking, Development Methodologies, Empathy, Follow-Through, Growth Mindset, Implementation Methodologies, Infrastructure Design, Intellectual Curiosity, Long Term Planning, Managing Ambiguity

What We Can Offer You:

Health & Wellbeing

We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.

Personal & Professional Development

We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have - whether you want to become a knowledge expert in your field or apply your skills to another division.

Unconditional Inclusion

We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.

Let's Stay Connected:

Follow @HPECareers on Instagram to see the latest on people, culture and tech at HPE.

Job:
Information Technology
Job Level:
Director

States with Pay Range Requirement

The expected salary/wage range for a U.S.-based hire filling this position is provided below. Actual offer may vary from this range based upon geographic location, work experience, education/training, and/or skill level. If this is a sales role, then the listed salary range reflects combined base salary and target-level sales compensation pay. If this is a non-sales role, then the listed salary range reflects base salary only. Variable incentives may also be offered. Information about employee benefits offered can be found at .

USD Annual Salary: $164,500.00 - $398,500.00

HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need. Our goal is to be one global team that is representative of our customers, in an inclusive environment where we can continue to innovate and grow together. Please click here: Equal Employment Opportunity .

Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities.

HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

Director Cybersecurity M&A

75219 Dallas, Texas AT&T

Posted 5 days ago

Job Description

**Job Description:**
**This position requires office presence of a minimum of 5 days per week and is only located in Dallas, Texas. No relocation is offered.**
Join AT&T and reimagine the communications and technologies that connect the world. We're committed to those who seek to discover the undiscoverable and dare to disrupt the norm. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won't just imagine the future - you'll create it.
The Director (Chief Security Office M&A) will lead a team comprised of highly skilled cybersecurity professionals dedicated to evaluating and enhancing security for key software and hardware components including consumer as well as AT&T employee mobile experiences. Our mission is to support both internal and external customers by ensuring the timely, cost-effective, and operationally cybersecure delivery of products and services.
**What You Will Do:**
+ Partner with corporate development, legal, and business unit leaders to evaluate and integrate cybersecurity risk management throughout the M&A lifecycle.
+ Conduct comprehensive cybersecurity due diligence on target companies, including assessment of software, hardware, infrastructure, and operational practices.
+ Identify, analyze, and document cyber risks and vulnerabilities associated with mergers, acquisitions, and divestitures, and recommend remediation strategies.
+ Develop and implement integration plans to align acquired assets with AT&T's security standards, policies, and controls.
+ Oversee secure data migration, access control, and protection of intellectual property during transitions.
+ Lead cross-functional teams to ensure seamless and cybersecure integration of people, processes, and technology post-transaction.
+ Establish and enforce cybersecurity requirements in M&A contracts and partner agreements.
+ Drive continuous improvement by capturing lessons learned from each transaction and updating M&A cybersecurity playbooks and protocols.
**What You Will Bring:**
+ Master's in Information Systems, Engineering, Mathematics or Cybersecurity preferred.
+ 10 years of related experience.
+ Experience managing a technical team.
+ Proven ability to evaluate, implement, and oversee enterprise-grade security controls across software and hardware platforms.
+ Advanced skills in conducting threat modeling, vulnerability assessments, and risk analysis for large-scale technical environments.
+ In-depth knowledge of security standards and frameworks such as NIST, ISO/IEC 27001, CIS Controls, and industry-specific compliance (e.g., SOX, PCI-DSS, GDPR, HIPAA).
+ Ability to assess and manage the security posture of third-party vendors and partners.
+ Strong skills in developing detailed security policies, procedures, and technical documentation for cross-functional teams.
**Joining our team comes with amazing perks and benefits:**
+ Medical/Dental/Vision coverage 
+ 401(k) plan 
+ Tuition reimbursement program 
+ Paid Time Off and Holidays (based on date of hire, at least 28 days of vacation each year and 9 company-designated holidays) 
+ Paid Parental Leave 
+ Paid Caregiver Leave 
+ Additional sick leave beyond what state and local law require may be available but is unprotected 
+ Adoption Reimbursement 
+ Disability Benefits (short term and long term) 
+ Life and Accidental Death Insurance 
+ Supplemental benefit programs: critical illness/accident hospital indemnity/group legal 
+ Employee Assistance Programs (EAP) 
+ Extensive employee wellness programs 
+ Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone
+ Restricted Stock
If you're ready to make an impact on our business and your career, bring your bold ideas to a world of possibility.
Ready to join our team? Apply today!
**Weekly Hours:**
40
**Time Type:**
Regular
**Location:**
Dallas, Texas
**Salary Range:**
$191,400.00 - $287,200.00
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.
AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws.
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status.

Director Information Security & Risk Management

99811 Juneau, Alaska Highmark Health

Posted 1 day ago

Job Description

**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
***CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***
This job directs and manages Identity and Access Management (IAM) services for the Enterprise. Provides leadership to the Organization's IAM program, including developing and managing the related policies, standards, architectures, and controls. Partners with Information Security, IT Infrastructure, Application Development, and business units to ensure secure and appropriate access to systems and data. Develops talent, addresses resource management, cultivates capabilities of staff, plans and coordinates work, and manages performance. Actively contributes to the IAM strategic planning process to develop and implement department strategic plans and action steps that support corporate strategic objectives. Defines service levels and monitors adherence. Sets budgets and controls expenses within the operating unit. Creates a team environment that promotes cooperation, empowerment, accountability, customer focus, and effective work relationships in order to realize business goals.
**ESSENTIAL RESPONSIBILITIES**
+ Perform management responsibilities including, but not limited to: involved in hiring and termination decisions; coaching and development; rewards and recognition; performance management and staff productivity.
+ Plan, organize, staff, direct and control the day-to-day operations of the department; develop and implement policies and programs as necessary; may have budgetary responsibility and authority.
+ Communicate effectively with all levels of the organization: facilitate meetings; plan, design and provide presentations; represent HM Health Solutions with outside entities; prepare divisional procedures, policies, reports and correspondence.
+ Provide Leadership to the Department: lead and champion organizational change; encourage participation in activities that support relationship development; champion information security and risk management innovation; demonstrate and champion the following characteristics in fulfilling the responsibilities of the job - passion, empowerment, accountability, collaboration and ethics.
+ Provide oversight of all aspects of project management to ensure continuous improvement of processes: negotiate and collaborate with senior executives and staff to develop solutions and options; develop and adhere to internal standards and strategies; ensure adherence to approved methodologies; coordinate resources, time, contingency plans and risk management; provide oversight regarding metrics, funding, budgets and resources.
+ Other duties as assigned or requested.
**EDUCATION**
**Required**
+ Bachelor's Degree in Information Security, Information Systems, Information Assurance, Computer Science or related field, or relevant experience and/or education as determined by the company in lieu of bachelor's degree
**Preferred**
+ Master's Degree in Information Security, or a related field with a focus on Identity and Access Management.
**EXPERIENCE**
**Required**
+ 10 - 15 years in Information Security and/or Information Risk Management and/or Information Technology
+ 10 - 15 years in developing, communicating and presenting Information Security and Risk Management concepts to varying audiences
+ 7 - 10 years in mentoring others in a leadership role
+ 5 - 7 years in Staff Management
+ 5 - 7 years in developing and executing strategic plans to realize business objectives
+ 5 - 7 years establishing budgets and meeting fiduciary goals
**Preferred**
+ Experience managing an Identity and Access Management program using industry-standard frameworks.
+ Experience with cloud-based IAM solutions.
+ Experience with implementing and managing role-based access control (RBAC), attribute-based access control (ABAC), and policy-based access control (PBAC).
+ Experience with Zero Trust security models and their application to Identity and Access Management.
+ Experience with the application of Artificial Intelligence (AI) and Machine Learning (ML) to Identity and Access Management.
+ Experience with Identity Governance technologies (e.g., SailPoint).
+ Experience with Public Key Infrastructure (PKI).
+ Experience with Federated Identity Management (SAML, OAuth, OpenID Connect).
+ Experience with enterprise directory services such as Active Directory and LDAP.
+ Experience with securing APIs using IAM principles and technologies.
+ Experience with cloud-based identity providers like Azure AD, AWS IAM, and Google Cloud Identity.
**LICENSES AND CERTIFICATIONS**
**Required**
+ None
**Preferred** (any of the following)
+ Certified Information Systems Security Professional (CISSP)
+ Certified Information Security Manager (CISM)
+ Certified in Risk and Information Systems Controls (CRISC)
+ Information Technology Infrastructure Library (ITIL)
**SKILLS**
+ Knowledge of regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA), HITECH, Payment Card Industry Data Security Standards (PCI DSS), and FIPS-140
+ Strong executive communication and presenting skills
+ Strong teamwork and interpersonal skills
+ Experience in leading process improvement initiatives
+ Ability to motivate high performance, multi-discipline teams
+ Demonstrated competency in project execution
+ Demonstrated abilities in relationship management
**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office-based
+ Teaches / trains others regularly: Occasionally
+ Travel regularly from the office to various work sites or from site-to-site: Rarely
+ Works primarily out-of-the office selling products/services (sales employees): Never
+ Physical work site required: Yes
+ Lifting (up to 10 pounds): Constantly
+ Lifting (10 to 25 pounds): Occasionally
+ Lifting (25 to 50 pounds): Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
**Pay Range Minimum:**
$126,400.00
**Pay Range Maximum:**
$236,000.00
_Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J

Director Information Security & Risk Management

62762 Springfield, Illinois Highmark Health

Posted 1 day ago

Job Description

**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
***CANDIDATE MUST BE US Citizen (due to contractual/access requirements)***
This job directs and manages Identity and Access Management (IAM) services for the Enterprise. Provides leadership to the Organization's IAM program, including developing and managing the related policies, standards, architectures, and controls. Partners with Information Security, IT Infrastructure, Application Development, and business units to ensure secure and appropriate access to systems and data. Develops talent, addresses resource management, cultivates capabilities of staff, plans and coordinates work, and manages performance. Actively contributes to the IAM strategic planning process to develop and implement department strategic plans and action steps that support corporate strategic objectives. Defines service levels and monitors adherence. Sets budgets and controls expenses within the operating unit. Creates a team environment that promotes cooperation, empowerment, accountability, customer focus, and effective work relationships in order to realize business goals.
**ESSENTIAL RESPONSIBILITIES**
+ Perform management responsibilities including, but not limited to: involved in hiring and termination decisions; coaching and development; rewards and recognition; performance management and staff productivity.
+ Plan, organize, staff, direct and control the day-to-day operations of the department; develop and implement policies and programs as necessary; may have budgetary responsibility and authority.
+ Communicate effectively with all levels of the organization: facilitate meetings; plan, design and provide presentations; represent HM Health Solutions with outside entities; prepare divisional procedures, policies, reports and correspondence.
+ Provide Leadership to the Department: lead and champion organizational change; encourage participation in activities that support relationship development; champion information security and risk management innovation; demonstrate and champion the following characteristics in fulfilling the responsibilities of the job - passion, empowerment, accountability, collaboration and ethics.
+ Provide oversight of all aspects of project management to ensure continuous improvement of processes: negotiate and collaborate with senior executives and staff to develop solutions and options; develop and adhere to internal standards and strategies; ensure adherence to approved methodologies; coordinate resources, time, contingency plans and risk management; provide oversight regarding metrics, funding, budgets and resources.
+ Other duties as assigned or requested.
**EDUCATION**
**Required**
+ Bachelor's Degree in Information Security, Information Systems, Information Assurance, Computer Science or related field, or relevant experience and/or education as determined by the company in lieu of bachelor's degree
**Preferred**
+ Master's Degree in Information Security, or a related field with a focus on Identity and Access Management.
**EXPERIENCE**
**Required**
+ 10 - 15 years in Information Security and/or Information Risk Management and/or Information Technology
+ 10 - 15 years in developing, communicating and presenting Information Security and Risk Management concepts to varying audiences
+ 7 - 10 years in mentoring others in a leadership role
+ 5 - 7 years in Staff Management
+ 5 - 7 years in developing and executing strategic plans to realize business objectives
+ 5 - 7 years establishing budgets and meeting fiduciary goals
**Preferred**
+ Experience managing an Identity and Access Management program using industry-standard frameworks.
+ Experience with cloud-based IAM solutions.
+ Experience with implementing and managing role-based access control (RBAC), attribute-based access control (ABAC), and policy-based access control (PBAC).
+ Experience with Zero Trust security models and their application to Identity and Access Management.
+ Experience with the application of Artificial Intelligence (AI) and Machine Learning (ML) to Identity and Access Management.
+ Experience with Identity Governance technologies (e.g., SailPoint).
+ Experience with Public Key Infrastructure (PKI).
+ Experience with Federated Identity Management (SAML, OAuth, OpenID Connect).
+ Experience with enterprise directory services such as Active Directory and LDAP.
+ Experience with securing APIs using IAM principles and technologies.
+ Experience with cloud-based identity providers like Azure AD, AWS IAM, and Google Cloud Identity.
**LICENSES AND CERTIFICATIONS**
**Required**
+ None
**Preferred** (any of the following)
+ Certified Information Systems Security Professional (CISSP)
+ Certified Information Security Manager (CISM)
+ Certified in Risk and Information Systems Controls (CRISC)
+ Information Technology Infrastructure Library (ITIL)
**SKILLS**
+ Knowledge of regulatory requirements such as Health Insurance Portability and Accountability Act (HIPAA), HITECH, Payment Card Industry Data Security Standards (PCI DSS), and FIPS-140
+ Strong executive communication and presenting skills
+ Strong teamwork and interpersonal skills
+ Experience in leading process improvement initiatives
+ Ability to motivate high performance, multi-discipline teams
+ Demonstrated competency in project execution
+ Demonstrated abilities in relationship management
**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office-based
+ Teaches / trains others regularly: Occasionally
+ Travel regularly from the office to various work sites or from site-to-site: Rarely
+ Works primarily out-of-the office selling products/services (sales employees): Never
+ Physical work site required: Yes
+ Lifting (up to 10 pounds): Constantly
+ Lifting (10 to 25 pounds): Occasionally
+ Lifting (25 to 50 pounds): Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
**Pay Range Minimum:**
$126,400.00
**Pay Range Maximum:**
$236,000.00
_Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J