General Electric Director, Cyber IT in San Ramon, California
Job Description Summary
We are seeking a strong candidate for our IT team to help with the regulatory, data security governance and compliance with deep IT and cloud experience. The Director - Cyber Security will engage in all phases of implementing, mapping controls, managing the respective processes and coordinating with Corporate and internal teams, including auditors for all areas within IT. You are experienced in compliance assessment in IT and cloud service provider environments like Azure, AWS etc. You will bring the organization’s IT information security compliance under explicit management control.
In this role, you will:
Maintain up-to-date, detailed knowledge of security solutions, processes and threat vectors; evangelize best practices across groups within IT.
Recommend changes, enhancements or solutions to improve security posture
Design and plan enterprise security and privacy governance models and KPIs
Create or adapt privacy, compliance and enterprise security policies and standards
Perform compliance assessments and data security governance reviews at all levels of the Infrastructure, Platform and Software by utilizing established IT risk assessment framework and assessment programs.
Understanding and hands on experience in developing one or more industry compliance frameworks and/or compliance regulations (ISO27001/2, PCI-DSS, HIPAA, FedRAMP, SSAE16, SOC 1, SOC 2, IEC62443, International Privacy Requirements including EU Privacy and Safe Harbor).
Assist the team in the execution of compliance programs around SOX, ISO27001, NIST800-53 and Privacy.
Provide practical recommendations to remediate control gaps based on risks
Prepare present assessment findings to a cross-functional teams such as IT, engineering, security, sourcing, legal, and compliance.
Establish operating rhythm to report out on key metrics including status of assessments and issue management.
BS degree or higher in MIS, Computer Engineering or in a STEM major (Science, Technology, Engineering or Math)
A minimum of 8 years of experience in information security management and/or related functions (such as Compliance, IT audit, IT Risk Management, Vulnerability Management and Incident Management).
Hands-on experience building compliance (i.e. ISO, SOC, FedRAMP, HIPAA etc.) frameworks is preferred.
Strong oral communication, business writing, presentation and facilitation skills
Minimum 5 years in an IT Leadership Position
Proven analytics and problem-solving abilities
Experience communicating with geographically distributed teams.
Foster a collaborative and cooperative team environment, encouraging input and participation from all members.
Security consulting or equivalent experience
Experience in large enterprise environments
Strong communication and interpersonal skills
Experience with the application of risk identification techniques
Excellent written and verbal communication skills
Ability to influence others effectively across a matrixed organization
Experience with broad set of information security technologies and processes within IT, SaaS, IaaS, PaaS, or cloud environment.
Internationally recognized information security/IT Audit certification/qualifications such as CISSP, CISA, GSNA, GSAE, or CCNA
Detailed understanding of industry accepted Information Security and IT governance standards (i.e. COBIT, ISO, NIST)
Awareness or experience with industry regulations (i.e. SOX, GDPR, CCPA etc.)
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en_global/desktop/assets/images/poster_screen_reader_optimized_w_supplement.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No