Sr. Director, BISO
About The Position
As a global media and information services company, News Corp understands the importance of cybersecurity and mitigating risk across the organization. We believe in protecting our businesses and customers and are looking to build innovative solutions that will allow us to become a global leader in cybersecurity. If cybersecurity is your passion and you want to be part of a cutting edge team, we want to hear from you! The Director of Cyber Risk will be the primary point of contact for the assigned business unit and supports the implementation of the Global Cybersecurity program. As a trusted advisor, this individual will collect business requirements and risks, and will provide advice and oversight to ensure the business is compliant with required policies. Combining business acumen with technical knowledge, this role assists in improving the security posture with respect to delivering services and partnering with business unit leadership. This role will understand the key assets and processes, identify and evaluate risks and controls, and suggest incremental controls or risk mitigation strategies where necessary. Additionally, the individual will ensure business compliance with Security Policy and Standards while continuously monitoring and reporting on risks and documented exceptions.
Requirements
- Minimum of 10-15 years of professional working experience
- A Bachelor’s degree in Technology, Legal, Computer Science/Engineering, Cybersecurity, a related field or experience
- Must have a strong understanding of security compliance, policy management, security frameworks (NIST) and regulations.
- Solid foundation of security architectures and cloud computing environments
- Excellent communication skills. Ability to effectively communicate, both orally and in writing, through all levels of the organization and with customers
- Excellent problem solving, critical thinking, and analytical abilities
Nice To Haves
- International work experience or experience working as part of a globally dispersed team is a plus
- Comfortable working in matrixed organizations
- CISSP or CRISC certifications not required but highly referred
Responsibilities
- Develop and maintain in depth understanding of business unit processes, crown jewels, physical locations, systems, technologies, data, customers, partners
- Oversee PCI, with SOX and ISO 27001 initiatives, support internal technology audits, as well as support Privacy on GDPR/CCPA initiatives
- Oversee Client Assurance initiatives including responses to customer questionnaires, facilitate customer meetings and audits, and support Legal with the review of customer contracts.
- Understand business unit strategy and roadmaps to ensure security is embedded at the right control points
- Act as the primary local security contact / adviser for technology, news, legal, finance, audit, compliance, product leadership
- Run the monthly Cyber Risk Steering Committees and quarterly CEO briefings for the assigned business unit to ensure stakeholders are kept abreast of risks, threats, program maturity and projects
- Lead the development of unit specific security strategy
- Drive implementation of the Security Policies and Standards across the assigned business unit
- Proactively identify non-compliance and areas of potential improvement, and facilitate development and deployment of standard solutions
- Provide regular and timely reporting on the status of cybersecurity across the business unit
- Engage with the Incident Response Team (IRT) and provide escalation path for security issues, incidents and inquiries
- Work with the Cyber Defense, Product Security Engineering, Enterprise Security towers to assist in effectively driving program maturity
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Director
