Director – Risk & Compliance | Remote to Start

Job Description Summary

Job Description

Roles and Responsibilities

In this role, you will:

  • Oversee a team of risk, compliance and audit professionals to perform audit/assurance and compliance activities for CoreTech Infrastructure
  • Partner with and build relationships with key stakeholders, including Finance, Legal, external auditors and Corporate Cyber teams
  • Develop and maintain strategy and approach for ensuring compliance to external regulations such as Sarbanes Oxley, FISMA, and Export Control
  • Develop and maintain strategy and approach for ensuring compliance to GE’s IT risk and security policy and standards, including ISO
  • Oversee execution of strategy and approaches to demonstrate compliance to external regulations and GE’s IT risk and security policy and standards
  • Coordinate execution of risk management activities as directed by Cybersecurity & Technology Risk. Partnering with peers in the CoreTech teams, to develop and implement approach to summarize and report on risk profile for CoreTech Infrastructure
  • Assist risk and control issue owners in remediation planning and execution, to ensure actions address root cause
  • Coordinate and provide regular reporting on open issues, e.g., external audit, CAS and other control-related issues

Minimum Qualifications

  • A Bachelor’s Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math) and 8+ years of relevant experience.

  • US Work Authorization is required. We will not sponsor work visas now or in the future for this role.

  • This position will start out remote and progress into ~60% on site working beginning in September from GE’s Buckhead Offices.

Desired Characteristics

  • Masterful understanding and knowledge of IT Security control frameworks (i.e. NIST, ISO, etc.) as well as regulatory requirements impacting IT systems .(i.e. SOX, DFARS, etc.)
  • Experience managing a team of cybersecurity risk, compliance and audit professionals.
  • Understanding of IT security audit processes and practices for both internal and external auditors.
  • Technical expertise across Network, Datacenter and Cloud Technologies.
  • Previous experience implementing cybersecurity controls.
  • Ability to clearly communicate to senior leadership the regulatory & compliance risks to the business.
  • Experience developing & implementing a cybersecurity governance program.
  • Experience developing & implementing a risk management framework.
  • Knowledge of Disaster Recovery and Business Continuity Planning.
  • General understanding of Physical Security, EHS and Crisis Management.

This role is restricted to U.S. persons (i.e., U.S. citizens, permanent residents, and other protected individuals under the Immigration and Naturalization Act, 8 U.S.C. 1324b(a)(3)) due to access to export-controlled technology. GE will require proof of status prior to employment.

Additional Information

GE offers a great work environment, professional development, challenging careers, and competitive compensation. GE is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No

More Information

Apply for this job

Leave your thoughts

Share this job