9 days old
Director - 3rd Party Information Security & Risk - REMOTE
GE Energy
Glen Allen, VA 23060 Work Remotely
**Job Description Summary**
As Director 3rd Party Information Security & Risk, you will oversee the strategic and operational aspects of assessing the risk of new and existing third parties interacting with GE resources and data.
**Job Description**
**Responsibilities**
Lead team of ~17 security and audit specialists to perform IT security assessments/audits of third parties, build organizational capability and ensure goals and objectives are met
Define, maintain, and drive the third party security strategy across GE to ensure infrastructure (technology, process and resources) meets Business Service Level Agreements
Partner with and build strong working relationships with key stakeholders including but not limited to IT, Sourcing, Legal and functional teams to enhance and maintain an assessment program which meets regulatory, compliance and business needs
Develop and maintain standard processes for evaluating third party risk
Maintain service documentation for all programs and establish clear Standard Operating Procedures
Oversee the global supplier audits as well as the supplier assessment program utilized across GE
Coordinate integrated IT risk assessments of proposed technology solutions and/or business models
Run cross-business security steering committees or Working Groups
Manage budgets and supplier contracts associated with the team
Partner with key industry peers to conduct benchmarking exercises to provide perspective on GE's maturity and to proactively implement best practices
Evaluate and communicate third party security risks and solutions to Business leadership
Maintain metrics, reporting and tracking program to ensure processes are working as designed and risks are being tracked
Oversee maintenance and technology changes for vendor risk management platform and associated applications.
Oversee 3rd party continuous monitoring program
**Requirements**
Bachelor's degree in Information Systems or related field, with a minimum of 10 years of experience in Information Security or 8 years of Information Security experience with a Master's degree
2 years of experience leading large security programs
Industry-recognized security certification such as CISSP, CISM or CISA
Candidates must be a U.S. Citizen or Green Card holder. We are not able to consider candidates that would require sponsorship now or in the future for this opportunity.
**Desired** **Characteristics**
Experience with various industry regulations (PCI, HIPAA, Export Control, Data Privacy Laws, etc.)
Ability to take input from multiple stakeholders, complex business and technical requirements, quickly determine the appropriate security solution and then drive the outcome
Creative problem solver with strong analytical skills
Strong oral and written communication skills; able to communicate appropriately to both technical and management audiences
Strong interpersonal and leadership skills
Demonstrated knowledge of recognized IT Security-related standards and technologies
Experience in large global environments spanning multiple time-zones
Project Management experience
Strategic thought leader, able to take vague problems and develop broad solutions
* Preference for candidates who would be able to work from our Cyber Hub in the Richmond, VA area. Remote/Virtual candidates based in the U.S. will also be considered.
**Additional Information**
GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer (https://assets.phenompeople.com/CareerConnectResources/GE11GLOBAL/en\_global/desktop/assets/images/poster\_screen\_reader\_optimized\_w\_supplement.pdf) . Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
As a federal government contractor, GE may in the future be required to have U.S. employees fully vaccinated against COVID-19. Some GE customers currently have vaccination mandates that may apply to GE employees.
**Relocation Assistance Provided:** No
\#LI-Remote - This is a remote position
Posted: 2022-06-20 Expires: 2022-07-20