Director - Cybersecurity Business Partner (Remote)

Donnelley Financial Solutions (DFIN) is a leader in risk and compliance solutions, providing insightful technology, industry expertise and data insights to clients across the globe. We're here to help you make smarter decisions with insightful technology, industry expertise and data insights at every stage of your business and investment lifecycles. As markets fluctuate, regulations evolve and technology advances, we're there. And through it all, we deliver confidence with the right solutions in moments that matter.
Summary:
The Director, Cybersecurity Business Partner will champion cybersecurity objectives across the supported unit(s) while fostering alignment with the business unit(s)'s organizational, operational, and technology initiatives.
Under the direction of the CISO, this role will partner with business leaders and technology stakeholders to establish and support efficient and sound business processes and practices, risk-informed decision-making, effective risk mitigation, accountability, and compliance with applicable compliance mandates and DFIN information security policies, procedures, and objectives.
The role will promote cybersecurity awareness, identify and report cyber risk, assist with the development and delivery of security and compliance training, serve as an advocate of the CISO and the business unit Executive Vice President while building and fostering relationship across all levels of the supported business unit, Product Management, Product Engineering, Information Technology, and other key stakeholders across the organization.
The Director, Cybersecurity Business Partner will partner closely with Application Security, Cyber Defense, IT Governance, and Network Security Services as needed to understand, communicate, and advocate the CISO organization's goals & objectives to business unit stakeholders.
Responsibilities:

• Implement and sustain an effective cybersecurity program for the supported business unit(s)
• Monitor the effectiveness of the cybersecurity controls for the supported business unit(s)
• Provides consultation, advice, and training on security matters for the supported business unit(s)
• Serve as a cybersecurity subject matter expert to assigned business unit(s) coordinating and providing knowledge, skills, and experience in business process engineering
• Ensure application and system access levels are aligned with DFIN's Model of Least Privilege
• Assesses and develops mitigation plans for cybersecurity threats and risks in close collaboration with business unit leadership and personnel
• Build and maintain appropriate cybersecurity key performance indicators and metrics and provide monthly, quarterly, and annual reporting to the DFIN CISO for the supported business unit(s)
• Acts as the point of contact on incidents and security matters for the supported business unit(s)
• Acts as the point of contact for technology audits for the supported business unit(s)
• Conducts security assessments, business impact analysis, incident response exercises, disaster recovery planning and exercises, and other diagnostic assessments as needed
• Understand the business organizational structure and culture to best attain objectives and results
• Manage executive management dashboards (Metrics, KPIs, Risk, Compliance)
• Construct and deliver effective Executive and Senior Management presentations and communications
• Monitor, test, and report on the supported business unit(s)'s compliance with DFIN policy, process, laws, regulations, Executive Orders, directives, policies, procedures, master service agreements, and remediation plans; monitor and follow up with the implementation of corrective action plans and recommendations
• Effective scope, lead, and drive overall delivery of complex projects and/or programs
• Budget forecasting and planning
• Other duties assigned by the CISO and/or CISO delegate(s)

Qualifications:

• 10+ years' leadership experience in information technology; 5+ in a security governance, risk, and compliance management experience
• Functional knowledge of applicable security regulatory requirements (SOX, GDPR).
• Prior experience managing security policy, standards, and controls definition
• Strong knowledge of current and emerging cyber security risks, and innovative risk management methods and solutions
• Experience with technology risk assessments
• Ability to collaboratively develop a risk mitigation strategy in conjunction with stakeholders
• Strong analytical thinking, written, and oral communication and presentation skills
• Demonstrated knowledge of industry authoritative sources such as COBIT, NIST, SOC2, GDPR, MRC, and ISO standards
• Must have the ability to influence others and work at all levels across the organizational structure
• Deep understanding of security and privacy concepts
• Experience working in an international/global organization
• In-Depth understanding and working knowledge of information security data and processes.
• Strong interpersonal skills and ability to work effectively with diverse and distributed teams
• Strong attention to detail, project management and organization
• Bachelors degree (or higher) strongly preferred

It is the policy of Donnelley Financial Solutions to select, place and manage all its employees without discrimination based on race, color, national origin, gender, age, religion, actual or perceived disability, veteran's status, actual or perceived sexual orientation, genetic information or any other protected status.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access j obs.dfinsolutions.com as a result of your disability. You can request a reasonable accommodation by sending an email to [email protected] .
Job Segment: Information Security, Project Manager, Technology