As the world around us becomes more connected and more digital, there are increased opportunities for fraud and disruption due to cybersecurity attacks. The need for companies, products, and services to be secure is more important than ever in this constantly changing landscape.
Are you passionate about keeping good people safe from bad actors? We are too! We are HP Cybersecurity and we are tasked with the security of the HP enterprise. As HP continues our digital transformation, the work of the cybersecurity professional is never complete and is always interesting. Come be a part of making a difference with us!
The HP Cybersecurity Governance & Regulatory Compliance (G&RC) Analyst is responsible for driving Governance & Regulatory Compliance activities in the following areas of focus: Proactive adoption of new Cybersecurity Laws/Frameworks/Regulations, Policy Standards & Specifications, and/or Security Engagement. Collaboration with teams across Cybersecurity and IT/Business disciplines, control owners, support, and operations to help provide protection to HP’s critical assets.
This role will also participate significantly in functions aligned to ensure optimum adherence to Laws and Regulations and Internal Policies, Standards & Specifications across HP.
What a Cybersecurity Governance and Regulatory Compliance Analyst does at HP:
- Ensure timely execution of Cybersecurity deliverables including analysis, aggregation, and reporting of compliance requirements.
- Support compliance with emerging, new, and existing Cybersecurity Laws/Frameworks/Regulations.
- Support the development and implementation of HP Policy, standards, guidelines, tools, and documentation for consistent execution of risk management activities.
- Execute Governance & Compliance processes, e.g., Exception to Policy, Cybersecurity Awareness & Training activities, etc.
- Support internal & external audit readiness.
- Maintain strong working relationships with individuals and groups involved in managing information security risks and governance & compliance across the organization.
- Conduct periodic reviews with Cybersecurity and Business Unit Sr. Leadership risk owners to ensure accountability and visibility of all open issues and to verify progress is being made toward previously committed remediation plans.
- Support and lead continuous process and capability improvements.
Note: The above statements describe the general nature and level of work only. They are not an exhaustive list of all required responsibilities, duties, and skills. Other duties may be added, or this description amended at any time.
Individuals who thrive in this role at HP, typically have:
- 5+ years of relevant experience across a GRC team in the security area.
- Experience leading efforts to accomplish a team/process goal.
- Strong Governance & Compliance background; especially with Policies, Risk Management, Security Analysis, and Cybersecurity Laws/Frameworks/Regulations.
- Certification as a PCIP, CISA, CISM, CISSP, CRISC, or other Security discipline preferred. Or able to be certified in a one-year timeframe after being hired.
- Excellent interpersonal, written, and oral communication skills.
- Ability to work in a team-fostered, fast-paced, multi-tasking, global environment.
- Highly motivated self-starter who can self-prioritize to ensure optimum & timely results.
- Bachelor’s degree in Law as a plus.
About the G&C, Awareness and Training team:
The Governance & Compliance, Awareness and Training team is part of the Governance, Risk & Compliance team in HP Cybersecurity. Its primary objective is to support effective management of cyber security risks through continuous employee security awareness and driving compliance with Cybersecurity policies and security best practices while balancing with business requirements.
HP is an equal opportunity employer: https://www8.hp.com/h20195/v2/GetDocument.aspx?docname=c08129225
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided