Director Cybersecurity Risk Compliance Job Opening in Golden Valley
At , you will work alongside passionate problem-solvers who are committed to the future and are focused on creating a healthier world for all. Throughout our 120 global locations, our values guide us as we create innovative solutions for the world’s water challenges. We bring water to life!
As a employee, you would enjoy a wide array of benefit options to help keep you and your family healthy and protected, a generous 401(k) and ESPP to help you save for retirement, plus paid time off and wellness programs to encourage a healthy work/life balance.
We have an opportunity for a Cybersecurity, Risk & Compliance Director to join our Golden Valley, MN team. The Director, Cybersecurity Risk & Compliance will be responsible for planning, implementing and maintaining the cybersecurity governance, risk management, and compliance program within . This position will work closely with other leaders throughout the organization to ensure that ’s information and critical assets are properly identified and protected.
Lead the security governance, risk management, and compliance function for IT Security.
Develop and maintain the security risk management roadmap to align with regulatory and legal requirements.
Build and mature ’s policy and control framework supporting various standards (e.g., NIST Cybersecurity Framework, ISO 27001, CIS CSC) and regulatory/compliance requirements (e.g., Sarbanes Oxley, GDPR, PCI-DSS).
Develop, communicate, and manage information security policies, standards, baselines and practices supporting information security frameworks.
Oversee the approval, training, and dissemination of security policies and practices.
Work across functions to develop and maintain security playbooks, including incident management, vulnerability assessment, disaster recovery, awareness and training, and endpoint protection.
Collaborate with legal to ensure security controls support global privacy and data protection requirements.
Drive the third-party risk management process by working closely with legal and procurement.
Develop and maintain a risk-based framework to mitigate and monitor third-party risk.
Complete customer information security questionnaires. Provide external information on ’s internal security capability and practices in support of business objectives.
Identify vulnerabilities for websites, communicate and educate stakeholders about website and ecommerce risk, work with developers to remediate issues, track and report progress.
Review and approve exceptions to security policy and firewall changes to ensure residual risk does not exceed risk appetite.
Design and implement an overall cyber risk management framework for the organization, including conducting risk assessments, documenting, evaluating and tracking status of risks and risk treatment plans (remediation or risk acceptance), and producing and communicating a risk register to key stakeholders.
Work directly with business units to facilitate cyber risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk.
Identify and quantify enterprise cybersecurity risk and update ’s risk register quarterly.
Partner and communicate with internal and external audit concerning changes to the security program, risk profile, and status of major security projects.
Coordinate with internal and external auditors and PCI assessors to ensure ’s continued compliance with PCI, Sarbanes Oxley, and other audit standards relevant to the organization.
Automate common repetitive audit tasks to reduce time and effort spent in preparing for internal and external audits.
Maintain and mature a comprehensive security awareness and training program.
Partner with business stakeholders across the company to raise awareness of risk management concerns.
Promote sharing of expertise through consulting, presentation, and documentation.
Communicate the value of Cyber Risk, Compliance, and Information Security within the organization clearly and interact effectively at multiple levels of the organization, and influence as warranted and appropriate.
Lead development of security KPIs, metrics, and monitoring processes to ensure compliance, provide feedback on effectiveness, and provide the basis for appropriate management decisions.
Identify enterprise critical assets and ensure the availability, integrity, and confidentiality of those assets by performing and documenting risk analysis, recommending cost-effective security solutions, and overseeing projects to implement approved controls.
Establish procedures to address security incidents and partner with executive leadership to investigate and resolve security breaches.
Oversee incident response, and coordinate efforts to restore and recover from events that may negatively affect information, systems and critical infrastructure that support business functions.
Remain up-to-date on legal and regulatory changes, emerging threats and evolving technologies and implement appropriate control mechanisms based on risks within ’s environment.
Coordinate security efforts with operational security and connected IoT security to ensure seamless coverage of ’s critical assets, data, application, informational property, networks, servers, and endpoints.
Ten to fifteen years of experience in a combination of risk management, information security, and IT jobs
Strong understanding of strategic business imperatives and the ability to articulate risk in the context of business objectives; deep working knowledge of relevant compliance, privacy, and regulatory frameworks (e.g., ISO, SOX, GDPR) and the Payment Card Industry (PCI) Data Security Standard (DSS)
Knowledge of common information security management frameworks (e.g., ISO, NIST, CSC)
Experience implementing and executing cyber risk management methodologies and processes
Excellent written, verbal and nonverbal communication skills, including the ability to communicate security and risk-related concepts to technical and nontechnical audiences at all levels of the organization as well as third-party executive and government agencies
Ability to articulate risks and recommended remediation/mitigation actions
Ability to successfully interact with and influence IT staff to quickly and successfully address IT audit findings and control gaps
Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
Proven ability to lead teams through change, including M&A activities
Experience in policy development, implementation, socialization and training
is an Equal Opportunity Employer
Diversity and Inclusion:
With our expanding global presence, cross-cultural insight and competence are essential for our ongoing success. We believe that a diverse workforce contributes different perspectives and creative ideas that enable us to continue to improve every day. Race, gender, ethnicity, country of origin, age, personal style, sexual orientation, physical ability, religion, life experiences and many more factors contribute to this diversity.
We take ongoing action to improve the diversity of our workforce by:
Ensuring leadership involvement and ownership
Attracting and retaining diverse talent at all levels
Fostering a globally aware, inclusive culture
Ensuring our practices are fair and non-discriminatory
For more detailed information about the program, please refer to the official source from Pentair at the link below. If you meet these requirements, please register yourself at :
All applications will be treated confidentially.
Only qualified, short-listed applicants will be invited for further processing.