9 days old

Director - 3rd Party Information Security & Risk - REMOTE

GE Energy
Glen Allen, VA 23060 Work Remotely
**Job Description Summary**

As Director 3rd Party Information Security & Risk, you will oversee the strategic and operational aspects of assessing the risk of new and existing third parties interacting with GE resources and data.



**Job Description**



**Responsibilities**



Lead team of ~17 security and audit specialists to perform IT security assessments/audits of third parties, build organizational capability and ensure goals and objectives are met



Define, maintain, and drive the third party security strategy across GE to ensure infrastructure (technology, process and resources) meet Business Service Level Agreements



Partner with and build strong working relationships key stakeholders including but not limited to IT, Sourcing, Legal and functional teams to enhance and maintain an assessment program which meets regulatory, compliance and business needs



Develop and maintain standard processes for evaluating third party risk



Maintain service documentation for all programs and establish clear Standard Operating Procedures



Oversee the global supplier audits as well as the supplier assessment program utilized across GE



Coordinate integrated IT risk assessments of proposed technology solutions and/or business models



Run cross-business security steering committees or Working Groups



Manage budgets and supplier contracts associated with the team



Partner with key industry peers to conduct benchmarking exercises to provide perspective on GEs maturity and to proactively implement best practices



Evaluate and communicate third party security risks and solutions to Business leadership



Maintain metrics, reporting and tracking program to ensure processes working as designed and risks are being tracked



Oversee maintenance and technology changes for vendor risk management platform and associated applications.



Oversee 3rd party continuous monitoring program



**Requirements**



Bachelor's degree in Information Systems or related field, with a minimum of 10 years of experience in Information Security or 8 years of Information Security experienced with a Masters degree



2 years of experience leading large security programs



Industry-recognized security certification such as CISSP, CISM or CISA



Candidates must be U.S. Citizen or Green Card holder. We are not able to consider candidates that would require sponsorship now or in the future for this opportunity.



**Desired** **Characteristics**



Experience with various industry regulations (PCI, HIPAA, Export Control, Data Privacy Laws, etc.)



Ability to take input from multiple stakeholders, complex business and technical requirements, quickly determine the appropriate security solution and then drive the outcome



Creative problem solver with strong analytical skills



Strong oral and written communication skills Able to communicate appropriately to both technical and management audiences



Strong interpersonal and leadership skills



Demonstrated knowledge of recognized IT Security-related standards and technologies



Experience in large global environments spanning multiple time-zones



Project Management experience



Strategic thought leader, able to take vague problems and develop broad solutions



* Preference for candidates who would be able to work from our Cyber Hub in the Richmond, VA area. Remote/Virtual candidates based in the U.S. will also be considered.



**Additional Information**



GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en\_global/desktop/assets/images/poster\_screen\_reader\_optimized\_w\_supplement.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.



GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).



As a federal government contractor, GE may in the future be required to have U.S. employees fully vaccinated against COVID-19. Some GE customers currently have vaccination mandates that may apply to GE employees.



**Relocation Assistance Provided:** No



\#LI-Remote - This is a remote position

Categories

Posted: 2022-06-20 Expires: 2022-07-20

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Director - 3rd Party Information Security & Risk - REMOTE

GE Energy
Glen Allen, VA 23060

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast