Xerox Governance, Risk Management and Compliance Director in Kerala, India
Xerox (NYSE: XRX) makes every day work better. We are a workplace technology company, building and integrating software and hardware for enterprises large and small. As customers seek to manage information across digital and physical platforms, Xerox delivers a seamless, secure and sustainable experience. Whether inventing the copier, the Ethernet, the laser printer or more, Xerox has long defined the modern work experience. Learn more at www.xerox.com and explore our commitment to diversity and inclusion at https://www.xerox.com/en-us/jobs/diversity.
This position reports to the CISO and has overall responsibility for Xerox’s Cyber Security Governance, Risk and Compliance (GRC) management. The qualified candidate will lead a team of GRC professionals who are responsible for building and deploying effective policies, processes and controls across various technologies, systems, applications and business operations in the enterprise. The candidate must demonstrate a passion for security and lead by example in a way that fosters continued growth and expertise within the team.
•Manage Xerox’s Cyber Security policies and standards
•Establish and maintain a third-party risk management program
•Manage Xerox’s security training and awareness program
•Oversee technical assessments of the effectiveness and design of cybersecurity controls
•Establish and manage a security compliance program covering applicable regulatory and compliance requirements
•Evaluate and improve GRC tools and capabilities
•Quantify and report risk for senior management and other stakeholders
•Serve as a security liaison for business stakeholders in Legal, Internal Audit, Privacy, Enterprise Risk Management (ERM), etc.
•Manage the cyber security team including hiring, training, talent development and performance management
Knowledge and Skills Required:
•Strong knowledge of and experience in security requirements, standards and practices including NIST CSF, NIST 800-53, ISO 27001, PCI DSS, SOC2, COBIT, GLBA, SOX, GDPR, OWASP Top 10, SANS Top 25, etc.
•Experience in building and managing compliance and risk management programs
•Background in developing and maintaining security policies, processes, procedures and standards
•Knowledge of and prior hands-on experience in GRC tools/technologies
•Excellent written as well as verbal communication skills
•Ability to manage across multiple competing priorities and time-sensitive initiatives
•Strong ability to motivate and lead team members in a remote/virtual environment
•Uncompromising personal and professional integrity and ethics
Education and Experience Required:
•B.E. in computer science, information systems, engineering or related field.
•At least 10 years of related experience
•One or more industry-standard security certifications (such as CISSP, CISM, CISA, CRISC)
•Prior managerial experience leading technical teams
Xerox is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by law. Learn more at https://www.xerox.com/ and explore our commitment to diversity and inclusion at https://www.xerox.com/en-us/jobs/diversity. People with disabilities who need a reasonable accommodation to apply or compete for employment with Xerox may request such accommodation(s) by sending an e-mail to XeroxStaffingAdminCenter@xerox.com. Be sure to include your name, the job you are interested in, and the accommodation you are seeking.
© 2019 Xerox Corporation. All rights reserved. Xerox® and Xerox and Design® are trademarks of Xerox Corporation in the United States and/or other countries.
Title: Governance, Risk Management and Compliance Director
Requisition ID: 20000321