Associate Director -Security Risk Management

Job Description

When you join Verizon

Verizon is one of the world’s leading providers of technology and communications services, transforming the way we connect around the world. We’re a human network that reaches across the globe and works behind the scenes. We anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together—lifting up our communities and striving to make an impact to move the world forward. If you’re fueled by purpose, and powered by persistence, explore a career with us. Here, you’ll discover the rigor it takes to make a difference and the fulfillment that comes with living the #NetworkLife.

In this role, you will be responsible for leading a highly skilled, purpose built team that designs, assesses, implements, and continuously improves Cyber Compliance efficiency and maturity across the product business cycle, operations, and technology evolution. This will require driving Cyber Compliance Governance Councils to socialize and steer critical path decisions with executive leadership teams. You and your team will employ industry best practices aligned with NIST 800-53 Control frameworks to achieve FedRAMP, FISMA, CMMC2.0 accreditations as well influence cross function requirements for enterprise risk management..

This team is also responsible for functions such as ATO/Audit preparedness (including performing internal assessments), metrics reporting, and RACI/RMF accountability and serves as the governance, risk management, and compliance (GRC) strategy owner for Public Sector Cybersecurity to ensure Verizon Business Group continues to meet and exceed customer requirements.

In this role you will have the responsibility of:

• Design and Implement processes, assessment, remediation playbooks, and GRC strategy to continuously improve Cyber Compliance across the product business cycle, operations, and technology enablement for Public Sector customers.

• Creating a unified and structured process with defined accountability and responsibilities for continuous compliance, monitoring, and remediation aligned with NIST RMF (800-37) .

• Design and perform internal assessments in accordance with NIST 800-53a, Security and Privacy Controls, to evaluate effectiveness and accuracy of control evidence to maintain FISMA and FedRAMP compliance.

• Implementing a formally-defined oversight, escalation, investigation and resolution process via appropriate governance

• Defining key performance indicators based on compliance data, business context, and risk scoring to support governance and management

• Drive and lead Executive Leadership Governance Councils, whereby the compliance objectives are shared with stakeholders, consensus on decisions is reached, and discussions occur surrounding risk impacts across the business

• Lead the compliance and strategy for ServiceNow GRC and develop the necessary processes, dashboards and goals for partner organizations.

• Drive automation of POAM SLAs, compliance requirements and develop interorganizational compliance agreements to create 100% accountability.

• Manage, track, and report on business case and capital and operating expenses for a five-year outlook, with input into revenue assumptions attributable to this organization.

• Driving the North Star Cyber Maturity Strategy and business plan with specific goals and objectives for security compliance that aligns to FedRAMP and FISMA High Impact Systems.

• Leading, motivating, and developing high potential talent providing assignments and mentoring to give exposure to the business and career development opportunities.

What we’re looking for...

You'll need to have:

• Bachelor’s degree or four or more years of work experience.

• Six or more years of relevant work experience.

• Knowledge of cybersecurity frameworks and demonstrated success in implementing them in large organizations.

• Experience stakeholdering with cross-functional team members and creating paths of shared success.

• Willingness to travel (25% or less).

Even better if you have one or more of the following:

• An advanced degree.

• Certifications such as ISACA CISA, CISM, CRISC, or CGEIT.

• Certifications in governance, program management and cloud technology (CSX-P, CDPSE, or CET, CSSIP, AWS Certification).

• Certifications such as ISACA CISA, CISM, CRISC, or CGEIT.

• Previous Public Sector clearances.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don’t meet every “even better” qualification listed above.

Where you’ll be working

In this hybrid role, you'll have a defined work location that includes work from home and a minimum eight assigned office days per month that will be set by your manager.

Scheduled Weekly Hours

40

Equal Employment Opportunity

We’re proud to be an equal opportunity employer - and celebrate our employees’ differences, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. At Verizon, we know that diversity makes us stronger. We are committed to a collaborative, inclusive environment that encourages authenticity and fosters a sense of belonging. We strive for everyone to feel valued, connected, and empowered to reach their potential and contribute their best. Check out our diversity and inclusion page to learn more.