Senior Director, Information Security, Risk Management and Compliance
Company: Hitachi America, Ltd.
Division: Information Technology Group (ITG)
Location: Santa Clara, CA
Status: Regular, Full-Time
The Senior Director, Information Security, Risk Management and Compliance is responsible to drive Hitachi America Ltd., (HAL) IT Information Security, IT Risk Management and IT Compliance. This role will be reporting to the HAL IT CIO. Partner and influence across a broad group of cross-functional stakeholders to drive alignment and adoption of security and risk management practices.
- Lead and manage a strategic, comprehensive information security, IT risk management and IT Compliance.
- Develop, implement and enhance security, risk management and IT Compliance framework.
- Manage all information security policy documents and ensure timely review, approval and socialization with the extended HAL team.
- Provide advisory to the extended IT team members on the information security process.
- Be an Internal advisor for all security related activities in projects, operations and adoption of new technology/applications.
- Be an external advisor and coordinator for all external HAL customer facing security work.
- Assist with security guidance during the overall business technology planning, providing a current knowledge and future vision of security for technology and systems.
- Collaborate and provide support to the enterprise's information security organization.
- Work directly with the IT Functional Leads, business units, ISRD (Information Security and Risk department) to facilitate risk assessment and risk management processes.
- Understand and interact with related disciplines through committees to ensure the consistent application of security policies and standards across all technology projects, systems and services.
- Partner with the HAL IT functional verticals, service providers to review key solution & design decisions to ensure definition, standards and selection of the optimal systems solution options is adopted to meet business needs.
- Partner with business stakeholders across the company to raise awareness of risk management concerns.
- Support IT Functional leads and business in making well informed security and risk management decisions.
- Manage the quarterly and annual compliance process (HITCO2, J-SOX) and coordinate audit discussions with the external auditor.
- Manage the regulatory compliance, internal assessments and compliance, process compliance activities.
- Manage all compliance and governance policy documents and ensure timely review, approval and socialization with the extended HAL team.
- Provide advisory to the extended team on the compliance and governance process.
- Ensure timely execution of internal and external Vulnerability assessments, penetration testing and related remediations.
- Manage Information security workshops, Trainings and meet Hitachi internal customers across global Hitachi to enable best security practices.
- Provide leadership with dashboard and metrics factual transparencies. Create and manage reporting and Dashboards for the CIO for 360-degree view of Information Security.
- Identify and align resources within the function to foster and improve innovation.
- Provide training opportunities and career development plans to develop staff and minimize skill gaps.
Required Skills and Qualifications:
- Degree in technology field required. Masters in IT or business administration is a plus.
- Professional security management certification with proven industry experience.
- 16+ years of experience in a combination of risk management, information security, Compliance and IT strategic/global IT transformation jobs.
- 10+ years of Stakeholder Management across key corporate functions, business units and executive leadership.
- 8+ years IT Change Management for large scale projects and programs.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams.
- Experience with contract and vendor negotiations, insurance advisory support and management including managed services.
- Specific experience in Agile (scaled) software development or other best in class development practices.
- Experience with Cloud computing/Elastic computing across virtualized environments.
- Detail oriented, analytical, and able to manage multiple tasks in a fast-paced environment.
- Demonstrated portfolio management and leadership skills, with a proven ability to connect strategy to execution.
- Strong cross-functional influencing skills, and proven ability to work with outside advisors.
- Strong written and verbal communication skills, including senior executive engagement and high level of personal integrity.
Equal Opportunity Employer (EOE)-Females/Minorities/Protected Veterans/Individuals with Disabilities
If you need a reasonable accommodation to apply for a job at Hitachi, please send the nature of request and contact information to [email protected] Queries other than accommodation requests will not be responded to.