As the world around us becomes more connected and more digital, there are increased opportunities for fraud and disruption due to cybersecurity attacks.  The need for companies, products, and services to be secure is more important than ever in this constantly changing landscape.

Are you passionate about keeping good people safe from bad actors?  We are too!  We are HP Cybersecurity, and we are tasked with the security of the HP enterprise.  As HP continues our digital transformation, the work of the cybersecurity professional is never complete and is always interesting.  Come be a part of making a difference with us!

Job Title: Head of Governance, Risk Management and Compliance, HP Cybersecurity

Job Summary:  This role leads the GRC (Governance, Risk Management, and Compliance) capability for HP Cybersecurity and serves as an advisor to business and IT executives.  The Head of GRC works across the broader HP ecosystem to fuse business strategy and cyber risk to advance both business and cybersecurity goals and objectives.  This role reports directly to the HP CISO, and can be based in multiple locations within the United States.

Primary Role Responsibilities:

• Leads a multi-layered, global team of cybersecurity professionals
• Effectively navigates a complex stakeholder environment to advance HP Cybersecurity’s target operating model
• Understands HP’s business priorities and can navigate the optimum balance between business enablement and appropriate security posture
• Oversees and plays a key development role in the holistic cybersecurity technology and architecture roadmap for GRC
• Engages closely with internal partners in Legal, Privacy, and Government Affairs
• Provides guidance to the enterprise on emerging regulatory requirements
• Takes an active role in supporting and furthering key programs including but not limited to insider threat, secure data classification and protection, and pan-enterprise governance
• Handles specific delegations from HP CISO and represents the HP Cybersecurity organization internally and externally as needed
• Constantly analyzes current state to future state gaps and brings visibility/sets priorities accordingly
• Follows and synthesizes changes in the regulatory landscape with respect to cybersecurity
• Engage with Business Information Security Officers (BISO) across HP to advance pan-enterprise objectives

Primary Competencies and Capabilities:

• Has the ability to seamlessly navigate within varying operational levels from the functional to the strategic
• Has deep experience engaging with senior executives and business leaders to navigate cybersecurity risk coupled with business outcomes
• Manages the planning and execution of team objectives to drive self-reinforcing methodologies that advance HP’s overall cybersecurity strategy
• Ability to think outside the box and drive the broader team to develop new ideas, concepts and solutions to meet unarticulated needs or existing needs of the business
• Able to own and drive the furtherance of the HP Cybersecurity strategy at an enterprise level
• Has a strong history of cybersecurity governance in fast-paced technology-centric enterprises
• Demonstrates strong aptitude to understand business challenges and craft workable solutions
• Possesses strong professional will to make hard decisions, even when unpopular, if this is the best for the organization
• Is an exceptional leader, colleague, and mentor to the broader organization for which they serve
• Familiar with the usage and application of information security management tools
• Can develop concise, clear objectives from complex and ambiguous problem areas

Qualifications:

• Minimum of 10+ years of experience in a combination of cybersecurity and risk management
• Experience leading global teams
• Excellent verbal and written communication skills (English language)
• Knowledge of common information security management frameworks such as NIST and ISO/IEC 27001
• Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams in a matrixed environment
• Experience with M&A and strategic transformation
• Optional: Holding of any of the following certifications: CRISC, CISM, CISSP