What are the responsibilities and job description for the Director, Cybersecurity and Privacy Risk position at TalentFish?
TalentFish is casting a line for a Director, Cybersecurity and Privacy Risk Advisor. This is a Direct Hire role in CHI, DC, NY or ATL. The Director, Cybersecurity and Privacy Risk Advisor will drive the advancement of Information Security Governance and Risk functions, overseeing the development, renewal, and maintenance of policies, standards, and procedures in alignment with the firm's Information Security Policy. This role involves connecting workstreams, fostering collaboration across Privacy, IT, and OGC, and managing stakeholder interactions firm-wide. Candidates should have leadership experience, strong communication skills, and a collaborative approach, with expertise in regulatory frameworks and process improvement. Familiarity with ISO certification is essential, as the firm is actively pursuing this accreditation.
What You Bring to the Role. (Ideal Experience)
- Bachelor's degree
- Proven experience in a similar role
- At least 15 years' work experience, ideally in the Information Technology or Information Security sector
- At least 8 years' experience in a professional services or legal environment (preferred)
- At least 10 years' supervisory experience
- Expert knowledge of project management best practices
- Working knowledge of NIST Cybersecurity Framework (CSF) and IT Service Management (ITSM).
What You'll Do. (Skills Used in this Position)
- Coordinate Information Security Governance and Risk work streams and establish prioritization of key activities
- Formalize cyber risk controls as managed within ISO framework for standards and policy, NIST controls and cyber risk assessments, including controls managed within the Information Security Policy
- Lead efforts within the team to maintain controls, standards and policies for meeting compliance and continuous control monitoring as part of reporting and metrics
- Facilitate discussions and communication between governance and risk management process related to information security and IT controls activities
- Establish library of process and procedures aligned with set of controls and tailor the controls as needed to the risk
- Establish goals and develop plans to continually improve Information Security Governance and Risk services leveraging timely delivery and management methodologies.
- Demonstrates proven thought leader abilities, competencies and success solving complex IT-risk management issues
- Experience with the identification, development, and oversight of cybersecurity policy, processes, and procedures
- Knowledge of tools and technology to provide data analytics and business intelligence on cyber threats, risks and vulnerabilities
- Ability to prepare concise and accurate documents using MS Office to complete project deliverables
- Demonstrates proven thought leadership abilities with directing and business functions and teams
- Creates positive working environment by monitoring and managing workloads of the team while balancing expectations
- Provides candid, meaningful feedback in a timely manner to team members while keeping leadership informed of progress and issues
- Ability to communicate effectively across the organization and build strong partnerships with other teams.