Job Description
Job Description The Global Cybersecurity Governance Senior Manager will be responsible for leading the Information Security Governance team which includes partnering with other cybersecurity teams and subsidiaries. The Global Cybersecurity Governance Senior Manager’s responsibility includes leading and executing all governance related activities, provide specialized consultation, advise, and support. Including the development and ongoing monitoring of the Global Cybersecurity policies, standards, and guidelines to ensure compliance with program requirements. This position will be working in partnership with the with other Global Cybersecurity teams and other teams across UL Solutions to support the delivery of its overall mandate by managing the ongoing strategy and development of governance framework and policies. This includes the management of all security awareness and training tasks and timelines. In addition to developing training strategies and goals the ideal candidate will be comfortable in developing and delivering security training to business teams. This role will be part of Global Cybersecurity leadership team, reporting to the Global Cybersecurity Governance, Risk and Compliance Director. Responsibilities The Global Cybersecurity Governance Senior Manager candidates will be evaluated based on their ability to lead a team and perform the duties listed above while demonstrating the skills and competencies necessary to be highly effective in the role. These skills and competencies include: Governance and adherence to Cybersecurity program with mitigating controls and action plans for areas of opportunity Facilitate the governance and review process of the security framework Facilitate the governance and review process of the Global Cybersecurity policies and standards and related processes. Develops, implements, and manages Global Cybersecurity policies and the exception management process Designs and implements processes and tools to proactively monitor and govern the effectiveness of Cybersecurity controls and services. Designs and implements processes and tools to proactively monitor and govern the effectiveness of Cybersecurity controls and services. Expert level understanding and experience with security awareness training including: developing and managing security training strategies and goals developing information security training materials conducting simulated phishing exercises presenting classroom and online security awareness training to the workforce and executives Leads, directs, and has management accountability for the performance and development of the Global Cybersecurity Governance staff Expert level understanding of Information Security frameworks like ISO, NIST, TISAX and PIPL etc. Mentoring team members and lead by example with knowledge of Cybersecurity best practices. Support the GRC team in establishing annual and long-term goals, defining governance strategies, objectives, metrics, and reporting mechanisms Requirements QUALIFICATIONS A successful Global Cybersecurity Governance Senior Manager candidate will have the expertise and skills described below. Education, Training and Previous Experience Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows: BS or MA in Business, Computer Science, Information Security, or a related field [5+] years of work experience in information security, especially in an information senior cybersecurity governance role [5+] years of experience designing, implementing, and executing cybersecurity governance solutions, tools and technologies across complex, large-scale environments, all the way from project initiation to the desired end state of operationally healthy and sustainable services. [5+] years of experience writing and developing Information Security policies, procedures, guidelines, and metrics including Exception Management Processes. Experience with Governance and Awareness and Training tools [5+] years of experience in managing governance issues, or similar experience managing applications, projects or systems that require identification, evaluation, and remediation if risk Ability to build and maintain strong relationships across departments/teams and effectively communicate solution designs to stakeholders and leadership. [5+] years of experience with regulatory compliance and information security management frameworks (e.g., International Organization for Standardization [IS0] 27000, COB