Director, Cybersecurity Governance, Risk and Compliance

🔥 0 minutes ago

🏄 California – Remote

🏄 California – Remote

💵 $147.8k - $268.3k / year

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

DIRECTV

WebsiteLinkedInAll Job Openings

10,000+ employees

Founded 1994

📡 Telecommunications

📱 Media

Telecommunications • Media

DIRECTV is a leading provider of satellite TV and internet-based television services in the United States. They offer a variety of television packages that include a wide range of channels, premium networks, sports, and movies. Customers can choose between satellite TV or streaming via existing internet services without the need for a satellite dish. DIRECTV is known for its extensive sports programming, including exclusive access to NFL Network and NFL RedZone, as well as regional sports networks. Additionally, DIRECTV provides services for both residential and business customers and offers a variety of deals and promotions, including discounts and reward cards for new customers.

📋 Description

• Lead the enterprise Cybersecurity Governance Program • Develop and maintain cybersecurity KPIs, KRIs, scorecards, and executive reporting • Prepare and facilitate monthly Cybersecurity Governance Reviews and executive presentations • Track cybersecurity initiatives, remediation activities, and strategic priorities • Drive accountability for cybersecurity performance across the organization • Lead enterprise cyber risk identification, assessment, reporting, and remediation programs • Maintain cybersecurity risk registers and risk treatment plans • Facilitate risk reviews with business and technology stakeholders • Present cybersecurity risk posture to senior leadership • Own cybersecurity policies, standards, procedures, and governance frameworks • Ensure alignment with industry standards and regulatory requirements • Maintain governance processes supporting cybersecurity decision-making • Lead cybersecurity compliance activities supporting PCI DSS, SOX, regulatory, and contractual requirements • Coordinate internal and external audits • Manage remediation efforts resulting from audit findings and assessments • Maintain cybersecurity control documentation and evidence repositories • Lead Supplier Information Security Requirement (SISR) governance and oversight • Manage third-party cybersecurity risk assessments and monitoring • Partner with Procurement, Legal, and Vendor Management organizations to ensure supplier security compliance • Lead enterprise cybersecurity awareness, training, and phishing simulation programs • Establish metrics to measure effectiveness and maturity • Drive continuous improvement of employee cybersecurity culture • Provide governance oversight of various security assurance and testing programs • Ensure testing results are tracked, reported, and remediated appropriately • Lead and develop cybersecurity governance personnel and contractors • Manage vendor and consulting relationships supporting GRC activities • Establish goals, objectives, and performance measures for the organization • Build a scalable governance function supporting DIRECTV's cybersecurity strategy.

🎯 Requirements

• Bachelor's degree in Cybersecurity, Information Technology, Business, Engineering, or related field • 5 – 7 years required, 10+ years desired progressive cybersecurity experience • 5+ years of leadership experience managing cybersecurity programs and teams • Deep knowledge of cybersecurity governance, risk management, compliance, and security frameworks • Experience with PCI DSS, NIST Cybersecurity Framework, ISO 27001, CIS Controls, and risk management methodologies • Experience presenting cybersecurity metrics and risk information to executive leadership • Strong written and verbal communication skills • Preferred CISSP, CISM, CRISC, CGEIT, PCI ISA, or equivalent certifications • Experience leading enterprise cybersecurity governance programs • Experience in telecommunications, media, technology, or highly regulated industries • Experience building cybersecurity governance organizations during periods of transformation or separation activities.

🏖️ Benefits

• Health insurance • Retirement plans • Paid time off • Flexible work arrangements • Professional development opportunities