We are seeking a highly skilled and experienced Governance, Risk, and Compliance Director to join our team. This position will play a crucial role for the enterprise’s Information Security including Software as Service Security and Business Continuity programs. The ideal candidate will possess extensive experience in risk management and security within a large enterprise. In this role, you will influence the security strategy, communicate cyber risk to all levels of the organization, and assist with regulatory compliance. The individual will enhance our current security program in alignment with business objectives and best practices and build a high performing team.
A Day In The Life
Enterprise Cyber Risk Management:
Develop an enterprise risk management program aligned with NIST, PCI, SOX, and CIS.Assist the CISO with security strategy and implementation.Oversee the management and updating of the company's risk registry and risk tolerance.Coordinate vulnerability assessments and penetration testing activities.Ensure inventory of applications, software, and assets are updated. Partner with IT & Business teams on the prioritization of remediation efforts.Communicate cyber risk in business terms.
Management & Collaboration:
Recruit, train, and build a team of skilled risk management professionals.Provide mentorship and guidance to team members.Partner with various IT teams and business areas to address security and compliance issues.Work closely with internal stakeholders to drive risk mitigation, especially the Internal Audit team.Promote a culture of risk awareness and proactive risk management.
Business Continuity and Disaster Recovery (BC/DR):
Design and implement a comprehensive business continuity program.Partner with business and IT stakeholders to bridge the gap of business needs and technology requirements.Coordinate BC/DR testing and training activities including Tabletop exercises.
Vendor Risk Management:
Enhance the vendor risk management process, policies, and procedures.Conduct regular vendor/application risk assessments and audits and maintain compliance.Ensure security of SaaS applications.
Audit and Compliance:
Lead efforts to ensure compliance with PCI DSS, SOX, and Privacy regulations.Prepare for and manage internal/external audits in partnership with IT, Legal, and Internal Audit.Develop and maintain compliance documentation and evidence.
Policy Implementation:
Mature and enforce strong security policies and standards based on industry standards. Ensure the organization adheres to all relevant policies and standards.Provide training and awareness programs to promote policy compliance and security awareness training.
What You Should Possess
Bachelor's degree in computer science, information technology, or a related field.At least 7 years of experience in governance, risk management, compliance, cloud security, and business continuity.Knowledge of security technologies, tools, and techniques.Strong understanding of security frameworks, regulations, and standards (e.g., PCI, HIPAA, SOX, CCPA, NIST).Excellent communication, collaboration, and leadership skills.Relevant certifications (e.g., CISSP, CISA, CISM, CIRSC).
Come join our team. You’re going to like it here!
You will enjoy a competitive wage, flexible hours, and an associate discount. Burlington’s benefits package includes medical, dental and vision coverage including life and disability insurance. Full time associates are also eligible for paid time off, paid holidays and a 401(k) plan.
We are a rapidly growing brand and provide a variety of training and development opportunities so our associates can grow with us. Our teams work hard and have fun together! Burlington associates make a difference in the lives of customers, colleagues, and the communities where we live and work every day. Burlington Stores, Inc. is an equal opportunity employer committed to workplace diversity.
#LI-TG1
Need help finding the right job? We can recommend jobs specifically for you! Click here to get started.