Director of Cybersecurity Risk Management

I'm seeking an experienced Director of Cybersecurity Risk Management to oversee and enhance an enterprise cyber risk program.

This pivotal role involves building and managing a team to develop cybersecurity risk practice, third-party risk management, security assessments, control frameworks, policies, and performance metrics. You'll be a key advisor to IT and business leaders, shaping a multi-year roadmap to address emerging threats.

📍 Location: MD
💼 Compensation: $150k-215k

Benefits Include

• Comprehensive medical, Rx, dental, and vision coverage
• 401(k) with employer match
• Critical illness and accident insurance
• Life insurance, short- and long-term disability

Job Requirements

• Develop and implement comprehensive cybersecurity frameworks (e.g., NIST CSF).
• Lead the creation of cybersecurity policies, standards, and procedures.
• Oversee security assessments, risk prioritization, and mitigation strategies.
• Manage and expand GRC platform capabilities for risk tracking and documentation.
• Govern third-party cyber risk management in collaboration with key stakeholders.
• Partner with Internal Audit for compliance and risk mitigation.
• Stay ahead of cyber trends, regulations, and best practices.

Expertise

• 10+ years of cybersecurity experience
• Certifications such as CISSP, CISM, or CRISC are highly desirable.
• Expertise in frameworks like NIST CSF, PCI, HIPAA, and SOX compliance.
• Hands-on experience with GRC tools (e.g., ServiceNow, Archer).
• Strong communication skills for engaging technical and non-technical audiences.

This is preferably a hybrid role out of Maryland, with potential for remote work with the right candidate.