Cybersecurity, Risk and Compliance Program

Maintain and execute the Cybersecurity, risk and compliance program. Responsible for the development, establishment, and communication of security policies, standards, and guidelines as well as the education and awareness of these requirements. Responsible for the ongoing enhancement of the security risk assessment processes and procedures ensuring alignment with establishing industry standard security metrics. Gain understanding of customer IT environment, focusing on IT assets / applications / accounts critical to business operations. Review existing security policies and procedures. Review LU compliance requirements, identify and document existing security controls; Make recommendations to IT Executive staff regarding security policy best practices and standards. Assist with creation of a roadmap for the development of a comprehensive information security policy framework. Draft security policy and procedure templates. Customize security policies and procedures in accordance with business requirements. Identify methods for policy/procedure compliance, distribution, training and awareness strategies. Establish and maintain LU information security policies, standards, and procedures. Identify new security compliance requirements, emerging threats and cyber risks to incorporate into the Cybersecurity, Risk and Compliance Programs. Work with outside auditors and agencies to address questions in Cybersecurity audits. Work in collaboration with IT Application Development to coordinate and architect a culture of Security by Design within our Software Products. Oversee the annual planning and execution of all Cybersecurity certification and compliance programs.