Job Posting \#320

Position: Vice President - Cyber Risk Oversight
Department: Global Risk Services
Reports to: Global Risk Services – Chief of Staff
Status: Full-time, Direct-Hire
Location: St. Louis, MO – Hybrid On-site need. Must reside in St. Louis, MO.
Salary: Based on experience – Seeking candidates with 10+ years of expertise.

Overview:

Leads efforts to address complex cyber risk management challenges facing The Company, including serving as primary advisor on cyber risk to Global Risk Services Leadership Team. Responsible for working within The Company’s matrixed cyber risk management framework to help define and align strategies for security risk management and governance and ensure that exposures to cyber risk are identified and managed at an acceptable level.

Principal Duties & Responsibilities:

• Lead and oversee Global Risk Services assessment activities over cyber risks – including third-party cyber risks – partnering with other stakeholders (IT, GSPO, Internal Audit, etc.) as required.

• Lead and provide oversight for the team performing information security risk and control assessments. Assists with the development and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies and applicable laws and regulations.
• Facilitate prioritization of cyber risk and due diligence activities with The Company segment leaders.
• Serve as a technical representative on enterprise-wide risk committees and working groups covering areas related to cyber risk management and governance.
• Lead global projects related to 2nd line oversight of cyber risk utilizing GRS and matrixed resources where appropriate.
• Lead GRS efforts to develop and report cyber risk limits/tolerances to senior management and the Board.
• Work with The Company stakeholders to improve cyber risk management training and awareness efforts globally.
• Maintains regular and predictable attendance.
• Performs other duties as required.

Requirements:

Education & Experience:

• 10+ years of relevant experience in information security or directly related field.
• Bachelor’s degree in computer science, Information Systems, Software, Electrical or Electronics Engineering, or equivalent
• 5+ years supervisory/management/leadership experience
• Prefer a certification in one or more of the following - CISSP, CISM, CISA, CRISC, GPEN, CEH

Required Skills & Abilities:

• Strong familiarity with information security, risk management, and IT governance standards and frameworks (e.g., NIST 800-53, ISO 27000, ISO 31000, etc.)
• Experience in formal risk assessment and risk management practices
• Experience with vulnerability analysis processes and best practices
• Large, complex implementation and deployment experience of security tools and programs.
• Experience in second line risk management of cyber and other technology risks
• Highly advanced analytical and problem-solving skills.

Required Skills & Abilities:

• Experience managing third-party risk, business continuity risk, and IT operational risk

The following statements are intended to describe the general nature and level of work being performed. This is not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel.


We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.

***To be considered, please apply for this job below***

If you experience any issues applying or to learn more about the position, please contact Cheyene Marling - BC Management (powered by Witt O’Brien’s) at cmarling@wittobriens.com.