Risk Management and Compliance Lead

1 Month ago • 10 Years + • Cyber Security

About the job

Job Description

The Risk Management and Compliance Lead at HP is responsible for overseeing and improving the company's security governance, risk management, policies, and operations. This includes performing security risk assessments, implementing and maintaining security controls (meeting regulatory requirements like ISO, CMMC, FEDRAMP), ensuring compliance with internal and external regulations, leading SOX compliance efforts, documenting and reporting on compliance levels, training staff, maintaining policies and procedures, and managing a risk register. The role involves close collaboration with the enterprise security team and business unit leads to manage cybersecurity risks and ensure business outcomes. Responsibilities also encompass maintaining a digital asset inventory and generating compliance reports and metrics.
Must have:
  • Cybersecurity governance & operations
  • Risk management & analysis
  • Compliance (ISO, CMMC, FEDRAMP, SOX)
  • Security controls implementation
  • Auditing & IT auditing
  • Documentation & reporting
  • Training & guidance
Good to have:
  • Automation
  • Issue tracking
  • Cloud compliance
Not hearing back from companies?
Unlock the secrets to a successful job application and accelerate your journey to your next opportunity.
Risk Management and Compliance Lead

Description -

Job Summary
• The Cybersecurity Governance focus specializes in developing and executing security controls, defenses and countermeasures to prevent attacks or attempts to infiltrate firm email, data, e-commerce and web-based systems. Administers policies to control physical/virtual access to systems. Performs tests to ensure policy compliance; responds to breaches and threats.

Responsibilities

• Leads the management and proactive improvement of HP's security governance, risk management, policies, and operations related to issue resolution, vulnerability/threat analysis and prevention, and security research. Works closely with the enterprise security team, guided by other risk management leaders, to manage compliance and cybersecurity risks at the business unit level.

  • Security risk assessments: Performing assessments to identify risks and compliance issues
  • Security controls for PRINT organization: Implementing and maintaining security controls to meet regulatory requirements. Driving necessary compliance efforts (ISO, CMMC, FEDRAMP etc..), including access control and cloud compliance across business units for PRINT
  • Compliance: Ensuring compliance with internal and external requirements, such as laws, regulations, and industry frameworks
  • Leading SOX compliance efforts for PRINT – Access review coordination for SOX ITGC and Business Applications
  • Documentation: Documenting and reporting on compliance levels, control failures, and gaps
  • Training: Training and guiding other staff on security assessment functions
  • Policy and procedure maintenance: Maintaining and proposing edits to policies and procedures
  • Risk register: Maintaining a risk register and tracking mitigation efforts  for a subset of business units
  • Compliance reports: Generating and providing compliance reports and metrics
  • Maintaining digital asset Inventory for PRINT by coordinating with BU security leads and enterprise security team
  • Collaborate with risk and control owners to manage the risks to enable business outcomes.


Education & Experience Recommended
• Four-year or Graduate Degree in Computer Science, Information Technology, or any other related discipline or commensurate work experience or demonstrated competence.
• Typically has 10+ years of work experience, preferably in cyber & IT security, or a related field.

Preferred Certifications
• N/A

Knowledge & Skills
• Cybersecurity operations
• Cybersecurity governance
• Cybersecurity policies
• Auditing/ IT Auditing
• Risk management
• Automation
• Risk analysis
• Issue tracking
• Security controls
• Operating systems

• SOX ITGC controls ( Access Management, Change Management, & IT Operations)

• SOX financial reporting

• Risk Assessment

• Control validation

Security compliance

• CMMC Experience

• ISO Experience

Cross-Org Skills
• Effective Communication
• Results Orientation
• Learning Agility
• Digital Fluency
• Customer Centricity

Impact & Scope
• Impacts large functions and leads large, cross-division functional teams or projects.

Complexity
• Provides highly innovative solutions to complex problems within established policy.

Disclaimer
• This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.

#LI-POST

Job -

Data & Information Technology

Schedule -

Full time

Shift -

No shift premium (India)

Travel -

Relocation -

Equal Opportunity Employer (EEO)

HP, Inc. provides equal employment opportunity to all employees and prospective employees, without regard to race, color, religion, sex, national origin, ancestry, citizenship, sexual orientation, age, disability, or status as a protected veteran, marital status, familial status, physical or mental disability, medical condition, pregnancy, genetic predisposition or carrier status, uniformed service status, political affiliation or any other characteristic protected by applicable national, federal, state, and local law(s).

Please be assured that you will not be subject to any adverse treatment if you choose to disclose the information requested. This information is provided voluntarily. The information obtained will be kept in strict confidence.

If you’d like more information about HP’s EEO Policy or your EEO rights as an applicant under the law, please click here: Equal Employment Opportunity is the Law Equal Employment Opportunity is the Law – Supplement

View Full Job Description

Add your resume

80%

Upload your resume, increase your shortlisting chances by 80%

About The Company

Our vision is to create a world where innovation drives extraordinary contributions to humanity. This vision guides everything we do, how we do it, and why we do it.

Our technology – a product and service portfolio of personal systems, printers, and 3D printing solutions – was created to inspire our vision and we are doing everything in our power across climate action, human rights, and digital equity to make it so.

We believe thoughtful ideas can come from anyone, anywhere, at any time. And all it takes is one to change the world.

London, England, United Kingdom (On-Site)

Milan, Lombardy, Italy (On-Site)

Barueri, São Paulo, Brazil (On-Site)

Sant Cugat Del Vallès, Catalonia, Spain (On-Site)

Porto Alegre, State Of Rio Grande Do Sul, Brazil (On-Site)

İstanbul, İstanbul, Türkiye (On-Site)

Spring, Texas, United States (On-Site)

Ratingen, North Rhine-Westphalia, Germany (On-Site)

Böblingen, Baden-Württemberg, Germany (On-Site)

View All Jobs

Get notified when new jobs are added by HP

Similar Jobs

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Get notifed when new similar jobs are uploaded

Jobs in Bengaluru, Karnataka, India

Baker Hughes - Senior Technical Product Manager

Baker Hughes, India (Remote)

DAZN - Cloud(AWS) DBA

DAZN, India (On-Site)

Zoom - Endpoint Architect

Zoom, India (Hybrid)

Simple Viral Games - Product Designer Intern

Simple Viral Games, India (On-Site)

Nielsen - Software Engineer - AM-TECH-DA-027

Nielsen, India (Hybrid)

Assystems - Aveva Specialist

Assystems, India (On-Site)

Livspace - Studio Head

Livspace, India (On-Site)

Paytm - Manager-Treasury Operations

Paytm, India (On-Site)

Nagarro - Engineer, QA Manual

Nagarro, India (On-Site)

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Get notifed when new similar jobs are uploaded