Information Security Risk and Governance Partner

US-MD-Germantown

Req #: 93857
Type: Fulltime-Regular

DISH

Responsibilities:

EchoStar has an exciting opportunity for an Information Security Risk and Governance Partner in our Hughes Network Systems division. The role will protect the company's digital assets and be instrumental in embedding the risk management framework and supporting our governance practices. You'll assess and mitigate risks, ensure adherence to laws and regulations, contribute to stronger governance, and provide expert GRC guidance to our business stakeholders. This position will be located at our office in Germantown, MD.

Key Responsibilities:

* Collaborate with teams, including data and analytics teams, to identify and mitigate risks alongside data compliance.
* Conduct cybersecurity risk assessments to identify potential threats and vulnerabilities within the organization's processes and operations. Assist risk owners in identifying risk treatment plans.
* Provide cybersecurity responses to customer requests for third-party risk management surveys.
* Support the business in preparing for and responding to internal and external audits, including coordinating documentation and evidence to demonstrate compliance with cyber policies and standards.
* Generate and share reports and key metrics with management and stakeholders, outlining risk assessments, current compliance status, and suggested enhancements.
* Educate and build awareness of security requirements and best practices.
* Propose improvements to GRC processes that reduce risk and boost operational efficiency.

Qualifications:

Education and Experience:

* Bachelor's degree in Information Technology, Risk Management, Business, or a related field.
* 5+ years of demonstrated experience in governance, risk management, and compliance, preferably in a corporate setting.

Skills and Qualifications:

* Master's degree in computer science, engineering, or a related technical field.
* Strong knowledge of regulatory frameworks, industry standards, and best practices such as NIST CSF, NIST RMF, PCI-DSS, NIST AI RMF, SOC 2, ISO 27001, CMMC, CCPA/CPRA, GDPR, OWASP Top 10 for LLM, SOX.
* Excellent communication and interpersonal skills to work effectively with business teams and external stakeholders.
* Ability to stay current with evolving regulations and industry practices, as well as key cybersecurity threats.
* Strong analytical skills and the ability to assess risks and help identify pragmatic solutions.
* Proficiency in risk assessment and compliance management systems and tools.

Will be eligible for discretionary bonus, with funding based on company performance.
			