Director, Cybersecurity and Privacy Risk Advisor
Arlington, Virginia
Hybrid
Full Time
$190k - $240k
The Director, Cybersecurity and Privacy Risk Advisor is responsible for advancing Information Security Governance and Risk functions. This role involves overseeing the development, renewal, and maintenance of all policies, standards, processes, and procedures in alignment with the organization’s Information Security Policy. Additionally, the Director will build strong relationships, foster communication, and coordinate activities across key departments, including Privacy, IT, and the Office of General Counsel (OGC).
The company is located in Washington, D.C., and the role follows a hybrid model.
What You Will Be Doing:
- Coordinate Information Security Governance and Risk workstreams, prioritizing critical activities.
- Formalize cyber risk controls within the ISO framework, aligning with standards, NIST controls, and the organization’s Information Security Policy.
- Lead the maintenance of controls, standards, and policies to ensure compliance and enable continuous monitoring through reporting and metrics.
- Facilitate communication and collaboration between governance and risk management processes related to information security and IT controls.
- Establish a comprehensive library of processes and procedures aligned with defined controls, tailoring them to specific risks.
- Set goals and develop plans to enhance Information Security Governance and Risk services, leveraging timely delivery and management methodologies.
- Demonstrated expertise in addressing complex IT risk management challenges.
- Proven experience in developing, implementing, and managing cybersecurity policies, processes, and procedures.
- Proficiency in leveraging tools and technologies to analyze cyber threats, risks, and vulnerabilities and deliver business intelligence.
- Strong skills in preparing clear, accurate documents and project deliverables using MS Office.
- Leadership abilities in directing teams, fostering collaboration, and achieving business objectives.
- Proven ability to balance team workloads, manage expectations, and create a positive work environment.
- Effective communication skills to build strong partnerships across the organization and provide timely, constructive feedback to team members.
- Bachelor’s degree.
- Extensive experience in a similar leadership role.
- At least 15 years of experience in Information Technology or Information Security.
- Minimum of 8 years’ experience in professional services or legal environments (preferred).
- At least 10 years of supervisory experience.
- Expert knowledge of project management best practices.
- Working knowledge of the NIST Cybersecurity Framework (CSF) and IT Service Management (ITSM).
This position doesn’t provide sponsorship.