GE Jobs

Mobile GE Logo

Job Information

General Electric Sr Director of Cyber Compliance & Governance in Ft Worth, Texas

Job Description Summary

GE Digital is seeking a Sr Director of Cyber Security Governance, Risk & Compliance (GRC) to join our Cyber Security team. We are looking for a highly motivated and technically adept professional that will be responsible for establishing, leading, and managing initiatives related to GE Digital's cyber security programs. This position is responsible for leading the coordination of security compliance efforts that are required for security access, audit response, policy and security exception oversight, risk management and the development and implementation of information security certifications, policies, procedures, guidelines and standards.

Job Description

Roles and Responsibilities

In this role, you will:

· Develop strategy & program for the Governance, Risk, and Compliance function within the global Cyber Security program

· Manage the establishment and implementation of IT Security policies, procedures and standards

· Implement process and tracking to monitor compliance to policies and standards. Work with subject matter experts to ensure policies and standards are comprehensive, current and appropriate to meet regulatory and security requirements

· Partner with Legal, Company Risk and Compliance teams to ensure regulatory compliance and unified visibility into risk

· Build metrics with the Security teams to help measure and manage the Security program

· Build out a Third-Party Risk program in partnership with the Cyber Architecture function, to assess partners and products to ensure risks are identified and managed

· Conduct IT systems security assessment and reviews for compliance with established security standards, policies, procedures, and guidelines. Oversees the facilitation of information security risk assessment methodologies and manages information security risk assessments and mitigation practices

· Accountable for the response, follow through and monitoring of any information security responses to audits. Collaborate with corporate compliance regarding regulatory changes to compliance standards as they relate to GE Digital's data assets or other business regulations related to Information Security. Perform self-assessments as required by regulatory and industry compliance initiatives, as well as internal best practices needs.

· Provide oversight and confident leadership to ensure that controls are adequate to meet legal, regulatory, policy, standards, and security requirements for GE Digital and customers.

· Manage and lead staff - mentoring, recruiting, and retaining. Identify, implement, and manage additional security controls as part of the GE Digital security program.

· Maintain a current, up to date knowledge of the information security field and the changing threat landscape while implementing improvements in both technical security and compliance domains, mitigating risks identified as part of the risk management process.

· Maintain Global technical regulations that impact Enterprise IT and GE Digital's Commercial Software products and maintain a streamlined regulatory compliance program ensuring that all relevant parties are informed and aware of their compliance status.

· Oversee Risk Based Testing (RBT) initiatives to ensure that applications, systems and commercial software products are robust and validated for cyber threats/risks.

· Responsible for communicating various security related topics to leadership

· Partner with government agencies and customer cybersecurity teams to understand the changing cybersecurity landscape and regulatory requirements

· Partner with Cybersecurity Product & Commercial teams to support the Inquiry to Order and Order to Remittance activities

· Additional projects/responsibilities as business demands.

Requirements

· Advanced knowledge and direct experience with technology frameworks such as NIST CSF, ISO 27001, etc.

· Advanced knowledge of NERC-CIP compliance requirements

· Strong leadership and team building experience and skills to maintain a well operating organization

· Expert in Risk Assessment, Management, and Tracking experience assessing and building out Security programs

· Strong program management skills. Ability to manage complex transformation plans across internal and external teams, delivering expected results, while leading the identification and mitigation of business and technical risks.

· Strong written and verbal communication and presentation skills, and ability to work with and influence across all levels of the organization.

· Ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff, security vendors, consultants and senior management.

· Excellent leadership and teamwork skills.

Education Qualification

Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) with minimum years of experience 8 years

Desired Characteristics:

· Minimum of 4 years of relevant experience in Cyber Security, Technology Risk Management and/or Auditing

· Experience of managing or working in a Cybersecurity Governance and Risk function serving the Bulk Power System industry or its supply chain

· Experience managing an ISMS as part of a ISO27001 framework

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en_global/desktop/assets/images/poster_screen_reader_optimized_w_supplement.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

As a federal government contractor, GE requires U.S. employees to be fully vaccinated against COVID-19 unless you receive an approved medical or religious accommodation. Proof of vaccination will be required.

Relocation Assistance Provided: No

DirectEmployers