BEAM IT. STREAM IT. We're doubling down with two ways to watch what you love. Welcome to the new DIRECTV.
Director, Cybersecurity Governance, Risk and Compliance
Location
California
Posted
3 days ago
Salary
$147.8K - $268.3K / year
Seniority
Lead
Job Description
Director, Cybersecurity Governance, Risk and Compliance
DIRECTV
• Lead the enterprise Cybersecurity Governance Program • Develop and maintain cybersecurity KPIs, KRIs, scorecards, and executive reporting • Prepare and facilitate monthly Cybersecurity Governance Reviews and executive presentations • Track cybersecurity initiatives, remediation activities, and strategic priorities • Drive accountability for cybersecurity performance across the organization • Lead enterprise cyber risk identification, assessment, reporting, and remediation programs • Maintain cybersecurity risk registers and risk treatment plans • Facilitate risk reviews with business and technology stakeholders • Present cybersecurity risk posture to senior leadership • Own cybersecurity policies, standards, procedures, and governance frameworks • Ensure alignment with industry standards and regulatory requirements • Maintain governance processes supporting cybersecurity decision-making • Lead cybersecurity compliance activities supporting PCI DSS, SOX, regulatory, and contractual requirements • Coordinate internal and external audits • Manage remediation efforts resulting from audit findings and assessments • Maintain cybersecurity control documentation and evidence repositories • Lead Supplier Information Security Requirement (SISR) governance and oversight • Manage third-party cybersecurity risk assessments and monitoring • Partner with Procurement, Legal, and Vendor Management organizations to ensure supplier security compliance • Lead enterprise cybersecurity awareness, training, and phishing simulation programs • Establish metrics to measure effectiveness and maturity • Drive continuous improvement of employee cybersecurity culture • Provide governance oversight of various security assurance and testing programs • Ensure testing results are tracked, reported, and remediated appropriately • Lead and develop cybersecurity governance personnel and contractors • Manage vendor and consulting relationships supporting GRC activities • Establish goals, objectives, and performance measures for the organization • Build a scalable governance function supporting DIRECTV's cybersecurity strategy.
Job Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Business, Engineering, or related field
- 5 – 7 years required, 10+ years desired progressive cybersecurity experience
- 5+ years of leadership experience managing cybersecurity programs and teams
- Deep knowledge of cybersecurity governance, risk management, compliance, and security frameworks
- Experience with PCI DSS, NIST Cybersecurity Framework, ISO 27001, CIS Controls, and risk management methodologies
- Experience presenting cybersecurity metrics and risk information to executive leadership
- Strong written and verbal communication skills
- Preferred CISSP, CISM, CRISC, CGEIT, PCI ISA, or equivalent certifications
- Experience leading enterprise cybersecurity governance programs
- Experience in telecommunications, media, technology, or highly regulated industries
- Experience building cybersecurity governance organizations during periods of transformation or separation activities.
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development opportunities
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Cyber Security Intern
CAREER PANACEAWe help Graduates & Skilled migrants get their Professional Job faster via our proven PROFESSIONAL INTERNSHIP PROGRAM.
• Develop security analysis and risk assessment skills by working closely with technical and non-technical stakeholders to identify, analyse, and document security risks and controls. • Assist in identifying and assessing security vulnerabilities across systems, applications, and cloud environments. • Support penetration testing activities and security testing processes to identify weaknesses and improve system resilience. • Contribute to cloud and network security tasks including configuration review, monitoring, and risk identification. • Assist in implementing and reviewing security controls such as IAM, access management, logging, and monitoring. • Support development and review of security policies, standards, and governance frameworks. • Participate in security research projects related to privacy, AI security, and emerging cyber risks. • Assist in documenting findings, risks, mitigation strategies, and technical recommendations. • Collaborate within an Agile environment with engineering, infrastructure, and technical teams.
• Drive the global GTM strategy and execution of the Cybersecurity business at Databricks. • Play a pivotal role in accelerating cyber revenue growth by building scalable assets for the field, designing enablement programs, and driving key partnerships. • Set a clear GTM vision for Cybersecurity, work with a cross-functional team, and focus on execution of scalable sales programs. • Build a clear business plan for Cybersecurity that drives alignment across sales, industry vertical leaders, enablement, partner management, marketing, field engineering, sales programs, and other key stakeholders. • Identify and foster new AI-driven use cases of the Databricks platform. • Identify operational gaps in the Cybersecurity GTM motion, be data-driven about quantifying business opportunities, and execute improvement plans. • Scale expertise across the GTM organization via enablement, building repeatable assets, and articulating a clear strategy and vision for Data and AI in Cybersecurity. • Collaborate with Partner teams to develop strategic relationships with Systems Integrators and build joint sales motions. • Collaborate with the marketing team to establish Databricks as a thought leader in the industry.
Cybersecurity Project Manager
BreachLock IncBreachLock is a global leader in Pen Testing as a Service (PTaaS) market with presence in the US, UK and EU.
• Own overall relationship with assigned clients • Ensure quality and timely service with high degree of responsiveness • Work with other internal teams in ensuring engagement goals are met • Educate clients on BreachLock capabilities and benefits • Manage client expectations and escalations • Ensure retention and satisfaction of all assigned clients with high NPS score • Help be the gatekeeper of quality for all deliverables. • Monitoring the delivery of active penetration tests through-out the lifecycle i.e., from kick-off to report delivery and retest • Escalate or immediately remove obstacles that arise during testing - ensuring swift resolution and smooth restoration of testing activity and customer satisfaction • Support junior resources to resolve escalations and offer general process guidance • Work with Cross Functional Teams to deliver pentesting as a service engagements • Participate in Practice development activities • Train other team members • Build best practices and scalable repeatable processes for Project management function
• Build and own your pipeline from scratch to drive Abusix's growth independently of inbound volume • Run discovery calls and tailored demos with technical and business stakeholders to qualify opportunities and create genuine buying momentum • Design and manage proof-of-concept (POC) processes with our technical team to give prospects hands-on experience with Guardian Mail, Guardian Ops, or Guardian Intel • Lead commercial negotiations and contract discussions end-to-end to convert qualified opportunities into signed, long-term customer relationships • Research and map target accounts to identify the right entry points and build multi-threaded stakeholder relationships • Share market intelligence and prospect feedback with product and marketing to sharpen Abusix's positioning and surface new opportunities
