Associate Director -Security Risk Management

You want more out of a career. A place to share your ideas freely – even if theyre daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love – driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together – lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.

In this role, you will be responsible for leading a highly skilled, purpose built team that designs, assesses, implements, and continuously improves Cyber Compliance efficiency and maturity across the product business cycle, operations, and technology evolution. This will require driving Cyber Compliance Governance Councils to socialize and steer critical path decisions with executive leadership teams. You and your team will employ industry best practices aligned with NIST 800-53 Control frameworks to achieve FedRAMP, FISMA, CMMC2.0 accreditations as well influence cross function requirements for enterprise risk management..

This team is also responsible for functions such as ATO/Audit preparedness (including performing internal assessments), metrics reporting, and RACI/RMF accountability and serves as the governance, risk management, and compliance (GRC) strategy owner for Public Sector Cybersecurity to ensure Verizon Business Group continues to meet and exceed customer requirements.

In this role you will have the responsibility of:

• Design and Implement processes, assessment, remediation playbooks, and GRC strategy to continuously improve Cyber Compliance across the product business cycle, operations, and technology enablement for Public Sector customers.

• Creating a unified and structured process with defined accountability and responsibilities for continuous compliance, monitoring, and remediation aligned with NIST RMF (800-37) .

• Design and perform internal assessments in accordance with NIST 800-53a, Security and Privacy Controls, to evaluate effectiveness and accuracy of control evidence to maintain FISMA and FedRAMP compliance.

• Implementing a formally-defined oversight, escalation, investigation and resolution process via appropriate governance

• Defining key performance indicators based on compliance data, business context, and risk scoring to support governance and management

• Drive and lead Executive Leadership Governance Councils, whereby the compliance objectives are shared with stakeholders, consensus on decisions is reached, and discussions occur surrounding risk impacts across the business

• Lead the compliance and strategy for ServiceNow GRC and develop the necessary processes, dashboards and goals for partner organizations.

• Drive automation of POAM SLAs, compliance requirements and develop interorganizational compliance agreements to create 100% accountability.

• Manage, track, and report on business case and capital and operating expenses for a five-year outlook, with input into revenue assumptions attributable to this organization.

• Driving the North Star Cyber Maturity Strategy and business plan with specific goals and objectives for security compliance that aligns to FedRAMP and FISMA High Impact Systems.

• Leading, motivating, and developing high potential talent providing assignments and mentoring to give exposure to the business and career development opportunities.

What were looking for…

Youll need to have:

• Bachelors degree or four or more years of work experience.

• Six or more years of relevant work experience.

• Knowledge of cybersecurity frameworks and demonstrated success in implementing them in large organizations.

• Experience stakeholdering with cross-functional team members and creating paths of shared success.

• Willingness to travel (25% or less).

Even better if you have one or more of the following:

• An advanced degree.

• Certifications such as ISACA CISA, CISM, CRISC, or CGEIT.

• Certifications in governance, program management and cloud technology (CSX-P, CDPSE, or CET, CSSIP, AWS Certification).

• Certifications such as ISACA CISA, CISM, CRISC, or CGEIT.

• Previous Public Sector clearances.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you dont meet every “even better” qualification listed above.