remote

Director, Cybersecurity Governance, Risk and Compliance - DIRECTV

Security Engineer

Leads enterprise cybersecurity governance, risk, and compliance programs, ensuring regulatory adherence, effective risk mitigation, policy enforcement, security awareness, and supplier security oversight while aligning initiatives with business objectives.

About the role

The Director, Cybersecurity Governance, Risk and Compliance (GRC) is responsible for leading DIRECTV 's enterprise cybersecurity governance, risk management, compliance, policy, and security assurance programs. This role provides strategic leadership and operational oversight across cybersecurity governance functions, ensuring cybersecurity risks are effectively managed, regulatory and contractual obligations are met, and cybersecurity initiatives align with business objectives.

The Director serves as the primary leader for cybersecurity governance activities, executive cybersecurity reporting, risk management, compliance programs, security awareness initiatives, supplier security oversight, and security assurance testing programs.

This position manages a team of cybersecurity professionals and contractors and serves as a key partner to technology, business, audit, legal, procurement, privacy, and executive leadership teams.

Here’s what you’ll do:

Cybersecurity Governance

Lead the enterprise Cybersecurity Governance Program.
Develop and maintain cybersecurity KPIs, KRIs, scorecards, and executive reporting.
Prepare and facilitate monthly Cybersecurity Governance Reviews and executive presentations.
Track cybersecurity initiatives, remediation activities, and strategic priorities.
Drive accountability for cybersecurity performance across the organization.

Cyber Risk Management

Lead enterprise cyber risk identification, assessment, reporting, and remediation programs.
Maintain cybersecurity risk registers and risk treatment plans.
Facilitate risk reviews with business and technology stakeholders.
Present cybersecurity risk posture to senior leadership.

Policy, Standards and Governance

Own cybersecurity policies, standards, procedures, and governance frameworks.
Ensure alignment with industry standards and regulatory requirements.
Maintain governance processes supporting cybersecurity decision-making.

Compliance and Audit

Lead cybersecurity compliance activities supporting PCI DSS, SOX, regulatory, and contractual requirements.
Coordinate internal and external audits.
Manage remediation efforts resulting from audit findings and assessments.
Maintain cybersecurity control documentation and evidence repositories.

Third-Party and Supplier Security

Lead Supplier Information Security Requirement (SISR) governance and oversight.
Manage third-party cybersecurity risk assessments and monitoring.
Partner with Procurement, Legal, and Vendor Management organizations to ensure supplier security compliance.

Security Awareness and Training

Lead enterprise cybersecurity awareness, traini

About the role

This position manages a team of cybersecurity professionals and contractors and serves as a key partner to technology, business, audit, legal, procurement, privacy, and executive leadership teams.

Here’s what you’ll do:

Cybersecurity Governance

Lead the enterprise Cybersecurity Governance Program.
Develop and maintain cybersecurity KPIs, KRIs, scorecards, and executive reporting.
Prepare and facilitate monthly Cybersecurity Governance Reviews and executive presentations.
Track cybersecurity initiatives, remediation activities, and strategic priorities.
Drive accountability for cybersecurity performance across the organization.

Cyber Risk Management

Lead enterprise cyber risk identification, assessment, reporting, and remediation programs.
Maintain cybersecurity risk registers and risk treatment plans.
Facilitate risk reviews with business and technology stakeholders.
Present cybersecurity risk posture to senior leadership.

Policy, Standards and Governance

Own cybersecurity policies, standards, procedures, and governance frameworks.
Ensure alignment with industry standards and regulatory requirements.
Maintain governance processes supporting cybersecurity decision-making.

Compliance and Audit

Lead cybersecurity compliance activities supporting PCI DSS, SOX, regulatory, and contractual requirements.
Coordinate internal and external audits.
Manage remediation efforts resulting from audit findings and assessments.
Maintain cybersecurity control documentation and evidence repositories.

Third-Party and Supplier Security

Lead Supplier Information Security Requirement (SISR) governance and oversight.
Manage third-party cybersecurity risk assessments and monitoring.
Partner with Procurement, Legal, and Vendor Management organizations to ensure supplier security compliance.

Security Awareness and Training

Lead enterprise cybersecurity awareness, traini

Director, Cybersecurity Governance, Risk and Compliance - DIRECTV

About the role

Director, Cybersecurity Governance, Risk and Compliance - DIRECTV

About the role

Skills