Director, Governance, Risk, and Compliance
Company: Hudl
Location: Omaha
Posted on: January 25, 2023
Job Description:
We're looking for a Director, Governance, Risk, Compliance to
join our Security & Compliance team. If you're looking for the
unique opportunity to stretch your leadership capabilities, embrace
modern governance, risk, compliance practices through zero-trust
strategies, use your builder mentality & lead with the heart of a
teacher, you're in luck. You'll help shape the future of security
at Hudl.
The Director, Governance, Risk, Compliance is responsible for
managing & implementing GRC solutions, driving improvements,
creating standards & policies, maintenance of re-usable & scalable
solutions, and functioning as a subject matter expert on services
provided to the organization. The Director, Governance, Risk,
Compliance also builds and maintains strong relationships with
multiple business, technical teams, and customers and ensures that
the overall security strategy is aligned with both Hudl's strategic
objectives and Security & Compliance's charter.
You'll maintain a subject matter expert level of knowledge in GRC,
Enterprise Risk Management, security/compliance obligations,
regulatory requirements & anticipate legislative/regulatory
changes. You'll also architect, develop & implement the common
control framework and regulatory compliance programs that support
an "implement once, use many" philosophy. As the business evolves,
you'll ensure the GRC functions are well positioned to satisfy
customer expectations & industry obligations. The Director
functions as a key leader within the Information Security &
Compliance department and will lead a team of GRC analysts.
Our flexible work policy means you can decide where you want to
work: our Lincoln HQ, our Omaha office or remotely within the
majority of U.S. states (exceptions: Alaska, California, Colorado,
Connecticut, Delaware, D.C., Hawaii, Maine, Montana, New York, New
Jersey, New Mexico, New York, North Dakota, Oregon, Rhode Island,
Vermont and Washington). #LI-Remote
You are
- A leader. You're self-directed. You have the ability to develop
& communicate a vision others will be compelled to follow. You'll
serve as a governance, risk, compliance subject matter expert that
supports the development, implementation & maintenance of GRC &
associated frameworks for the enterprise. The best part - you'll
actively train, coach, and develop team members.
- GRC & Privacy Adept. You'll create and maintain information
security policies, standards and controls for the organization
based on zero-trust principles and aligned to the ISO standard.
You'll also oversee the information risk management process,
including risk analysis and mitigation activities, and enhancing
the Enterprise Risk Management (ERM) program.
- A strong communicator. You advise divisional leaders on risk
issues related to control design, effectiveness, regulatory changes
& risk appetite, and recommend actions in support of the changing
global regulatory environment.
- Organized. Documentation and knowledge-sharing come naturally
to you. You value year-over-year improvements and monitor, measure
& refine the execution of security plans against strategic &
metrics: KRIs & KPIs.
- A constant learner. You strive not just to learn, but to apply
what you've learned in your personal and professional life. You
understand current & emerging GRC changes, stay abreast of new
standards and frameworks & integrate them into
Hudl's existing enterprise architecture & design where
applicable.
- Curious. You question the who, what, when, why, where & how
with a desire for improvement. You're not satisfied with good
enough - you aim to achieve best-in-class capabilities while
maintaining efficiency & simplicity.
- Pragmatic. You can prioritize, clearly express tradeoffs and
generate buy-in on a solution that's best for everyone while in
alignment with organizational risk tolerance. You also serve as an
informal mentor & advisor to less experienced staff. You have the
unique ability to make appropriate decisions considering the
relative costs, risks and benefits of potential actions.
You will
- Execute strategies that improve the efficacy, efficiency &
reliability of security governance, risk, compliance & privacy.
Partner with the Data Protection Officer & Legal to mature the
privacy program & support through the security program.
- Lead others by empowering innovative approaches and motivating
others to be proactive and resourceful. Train, coach, and develop
team members.
- Apply your deep understanding of design and oversight of ISO
27001, 27002, 27701, 27017 & 27018. Refine controls under the
guidance of zero trust principles.
- Implement and lead all facets of Information Security
Compliance, procedures and controls to assure compliance with
applicable regulatory and legal requirements, including but not
limited to General Data Protection Regulation (GDPR), Family
Educational Rights & Privacy Act (FERPA), ISO 27001/2, SOC 2,
etc.
- Support enhancements driving the RFP, customer trust and due
diligence process, & overhaul customer-facing security program
documentation to greatly improve customer experience & improve
sales velocity.
- Cultivate relationships with business stakeholders (legal,
privacy, engineering, product, leadership) and maintain an in-depth
knowledge of strategic business plans in order to communicate
GRC/privacy decisions, plans, goals and strategies.
- Provide reporting and metrics to senior leadership (KRIs &
KPIs).
- Assess, prioritize and effectively communicate the severity of
issues to stakeholders.
- Bring 8-10 years of relevant experience
- Understand the applicability of FERPA, SOC 2 Type 2, ISO
27001/27002/27701:2019 and willingness to support a common control
framework.
We will
- Champion work-life harmony. We'll give you the flexibility you
need in your work life (e.g., flexible vacation time, company-wide
holidays and timeout (meeting-free) days, remote work options and
more) so you can enjoy your personal life too.
- Guarantee autonomy. We have an open, honest culture and we
trust our people from day one. Your team will support you, but
you'll own your work and have the agency to try new ideas.
- Encourage career growth. We're lifelong learners who encourage
professional development. We'll give you tons of resources and
opportunities to keep growing.
- Provide an environment to help you succeed. We've invested in
our offices, designing incredible spaces with our employees in
mind. But whether you're at the office or working remotely, we'll
provide you the tech stack and hardware to do your best
work.
- Support your mental and physical health. We care about our
employees' wellbeing. Our Employee Assistance Program, employee
resource groups and fitness partner Peerfit have you
covered.
- Cover your medical insurance. We have multiple plans to pick
from to ensure you'll have the coverage you (and your dependents)
want, including vision, dental, fertility healthcare and family
forming benefits.
- Contribute to your 401(K). Yep, that's free money. We'll match
up to 4% of your own contribution.
Keywords: Hudl, Omaha, Director, Governance, Risk, and Compliance, Executive, Omaha, Nebraska