Cybersecurity GRC (Governance Risk Management, and Compliance)
Cybersecurity Governance & Risk Management
Level: Senior ManagerMeet The Team
Cybersecurity is an integral part of Hitachi Vantara' s corporate culture. At Hitachi Vantara, we believe that it is the responsibility of every employee to protect the company, customers, and people information, and ensure regulatory compliance. Cybersecurity has a significant effect on privacy, consumer trust, external reputation, and it is a priority on every business agenda.
We are the Cybersecurity Governance, Risk Management and Compliance (GRC) team, part of Global Cybersecurity at Hitachi Vantara, and we are passionate advocates of cybersecurity including Information Security!
We are charged with maintaining Hitachi Vantara competitive advantage in the market by protecting the company's key information data wherever it is located, provided, processed, or transported by a third party or internally; ensure adequate handling, while overseeing effectiveness of cybersecurity processes and controls.
We are out-of-the-box thinkers, innovators, and team players. We constantly seek new and better ways of doing things. We need a highly motivated individual to join our dynamic team who has a positive attitude and wants to be part of something special. We strive to facilitate best-in-class security governance, risk management, and compliance that enables and protects Business.What You Will Be Doing
The Sr. Manager of Cybersecurity Governance and Risk Management reports directly to the Cybersecurity GRC head and has the primary responsibility of designing, establishing, and maintaining Hitachi Vantara' s overall Cybersecurity risk management program, ensuring the company is protected from cybersecurity threats, manages security risks, including those related to third parties or service providers, and meets legal and regulatory expectations wherever Hitachi Vantara operates. This is a position with global responsibility and will interact and collaborate proactively with practitioners across Cybersecurity, IT, legal, compliance, Enterprise Data Governance (EDG), business units (BUs), and audit in different regions and countries to ensure cybersecurity controls are effectively designed and executed to meet Hitachi Vantara' s risk expectations and business goals. This is a hands-on leadership role and a member of various governance, compliance, and incident response groups.
The GRC team is responsible for providing oversight and governance over all cybersecurity related activities within Hitachi Vantara and ensuring management of awareness, compliance training, education, metrics, and risk posture of the cybersecurity environment.
The successful candidate will be able to articulate well, explain difficult concepts in ways that are easy to understand, be a team player, open minded, resilient, willing to admit mistakes, be ready to always back up their words with data and solid analysis, and always be seeking opportunity to grow.What You Bring to the Team
- Hitachi Vantara is a global company, and the candidate will be interacting with staff remotely across Asia, Europe, and the Americas where English is the language of choice. Therefore, excellent written and communication skills in English is crucial, as well as track record of working with teams in different geographies, cultures, and time zones, leading delivery of complex, multi-faceted cybersecurity initiatives.
- 10+ years experience in running a cybersecurity GRC role or a related function
- Bachelor's or Master's degree in Information Security, Cybersecurity, Computer Sciences or related
- Highly desirable for the candidate to have security certifications such as CISSP, CISM, CRISC, or other information security, cybersecurity or GRC certifications.
- Strong working knowledge of/experience with international compliance requirements/standards such as ISO/IEC 27001, 27002, 27005, etc., NIST Cybersecurity framework, COBIT, FAIR, NISP SP-800 -x, GDPR, NIS, etc.
- Attested ability to establish and sustain effective, professional relationships with product and business managers; work closely with business partners to understand business drivers and market requirements.
- Strong working knowledge in control assurance, audit, reporting, metrics, risk, and performance indicators.
- Provide oversight and serve as the leadership point of contact for the Cybersecurity Risk Management and Governance team.
- Take end to end ownership of cybersecurity governance and risk management programs including security framework, policies, standards, third party risk management, metrics, risk and performance indicators, reporting, security awareness and education program.
- Responsible and development of security risk management using continuous self-assessments, external risk assessments and reporting.
- Provide continuous input to the Cybersecurity GRC head and help measure the cybersecurity risk posture of Hitachi Vantara.
- Provide leadership and engage with lines of business to perform security assessments and ensure timely execution of projects and program while mitigating any security risks
- Hands on experience developing cybersecurity & Information Security standards, processes and ensuring compliance with them.
- Technically strong in understanding and solving complex cybersecurity challenges, having a track record of leading the delivery of complex, multi-faceted technology initiatives.
- Knowledge of different Cloud environments (AWS, Microsoft, SaaS, etc) and AI concepts is desirable.
- Mentor, coach, and train security staff
Hitachi Vantara is part of the Global Hitachi family. We balance innovation with an open, friendly culture and the backing of a long-established parent company, known for its ethical reputation. We guide customers from what's now to what's next by unlocking the value of their data and applications to solve their digital challenges, achieving outcomes that benefit both business and society.
Our people are our biggest asset, they drive our innovation advantage as we strive to offer a flexible and collaborative workplace where they can thrive. Diversity of thought is welcomed, and our employee base is represented by several active Employee Resource Group communities. We offer industry leading benefits packages (flexible working, generous pension and private healthcare) and promote a creative and inclusive culture. If driving real change gives you a sense of pride and you are passionate about powering social good, we'd love to hear from you. Our Values
We strive to create an inclusive environment for all and are open to considering home working, compressed/flexible hours, and flexible arrangements. Get in touch with us to explore how we might be able to accommodate your specific needs.
We are proud to say we are an equal opportunity employer and welcome all applicants for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. With Japanese roots going back over 100 years, our culture is founded on the values of our parent company expressed as the Hitachi Spirit:
Wa - Harmony, Trust, Respect
Makoto - Sincerity, Fairness, Honesty, Integrity
Kaitakusha-Seishin - Pioneering Spirit, Challenge