Director of Cybersecurity Risk Management Job at Perdue Farms, Salisbury, MD

b3V3d3c4U2pSbmlucnR2ekwzUWE5Vzh2Znc9PQ==
  • Perdue Farms
  • Salisbury, MD

Job Description

Perdue Farms is a family-owned food and agriculture company now in its second century of growth and innovation. We were founded on trust—a value that carries through everything we do. Perdue Foods is a leader in Premium Proteins and Perdue AgriBusiness ranks among the top US grain companies. 

Summary

The Director of Cybersecurity Risk Management plays a critical role in leading Perdue’s enterprise cyber risk program in managing and reducing cyber risk while enabling strategic IT and business outcomes. In this role you will oversee a team leading and building out our cybersecurity risk practice, security assessments, third party risk, control frameworks, policies, standards, and reporting metrics. The ideal candidate will be an experienced risk professional, with strong knowledge of multiple cybersecurity domains, industry frameworks (e.g. NIST CSF, 800-53) and industry and regulatory requirements (e.g. SOX, HIPAA, PCI, CCRA). As a thought leader you will provide strategic input into our multi-year roadmaps, cyber risk strategy, and advise IT and business stakeholders on cyber risk.

 

This position is based at corporate headquarters in Salisbury, MD.

 

The salary range for this position is $143,000 - $215,000 per year, based on experience and qualifications with annual bonus available (variable depending on performance).

 

In addition to the base salary, Perdue offers a competitive benefits package, including medical/Rx, 401(k) with employer match after 1 year, critical illness, accident insurance, dental, vison, life insurance, optional group life insurance, short-term and long-term disability protection, flexible spending accounts and paid time off.

Principal and Essential Duties & Responsibilities

  • Reporting directly to the CISO, this role will help mature the cybersecurity governance, risk, and compliance program, including build out of the program and three-year roadmap.
  • Leading the development and implementation of a comprehensive cybersecurity frameworks (NIST CSF) and benchmarking maturity targets.
  • Lead the development and implementation of comprehensive cybersecurity policies, standards, and procedures, ensuring they are current, relevant, and communicated effectively across the organization.
  • Leading a team to develop comprehensive security assessments to identify, assess, and prioritize cybersecurity risks that include risk mitigation strategies with IT and business teams.
  • Oversee build-out of GRC platform and capabilities for tracking of risk and compliance (e.g. risk register, risk documentation, risk acceptance, asset classification, etc.)
  • Manage and oversee third party cyber risk program, partnering with key technical and business stakeholders (Procurement, Legal, Enterprise Risk, etc.), to ensure cyber protections, resilience, and contractual provisions in our vendor and supplier operations and agreements.
  • Develops metrics and reporting to track performance of cybersecurity program as well as prioritize risk and develop a risk-informed strategy for addressing current gaps and future threats.
  • Partner with Internal Audit on addressing the assessment of internal controls, findings, and SOX / ITGC compliance.
  • Evaluate cyber trends and compliance requirements to ensure organizational efficiency and alignment with the overall cybersecurity mission, vision, and strategy.
  • Conduct bi-annual cyber maturity assessment to assess progress against desired level and industry targets.
  • Provide governance for DR planning and cyber resilience.
  • Stay abreast of evolving cybersecurity threats, regulations, and industry best practices.

Minimum Education and Experience

BS degree in Business, Information Security, Management Information Systems or related major, and at least 10 years of experience in cybersecurity with a minimum of five (5) years demonstrated expertise in cybersecurity governance, compliance, and third-party risk management. Must have proven leadership experience with at least 5 years’ experience managing cross-functional teams or projects. Must have In-depth knowledge of IT security governance and operations, including creating and implementing security frameworks, policies, and procedures

The ideal candidate will also have:

  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), etc.
  • Strong understanding of risk management principles and compliance requirements related to cybersecurity.
  • Experience with various industry regulations and frameworks (PCI, HIPAA, Privacy Laws, ISO27001/2, NIST CSF, etc.)
  • Experience with GRC tools such as Service Now, Archer, etc.
  • Experience developing, tracking, and reporting on KPIs/KRIs for reporting and status updates.
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with stakeholders at all levels of the organization.
  • Strong verbal and written communication skills, with the ability to effectively communicate complex cybersecurity and IT issues to non-technical stakeholders.
  • Experience in coordinating work across multiple functions and be adept at building consensus across organizational and functional lines.
  • Strong analytical, including data mining, analysis, trending, problem solving and project management skills.
  • Thorough understanding of cyber threats and vulnerabilities.
  • Excellent leadership and team management skills.

Environmental Factors and Physical Requirements

  • Position is mostly sedentary but may require occasional moving to other offices or buildings. 
  • May need to move light equipment or supplies from one place to another. 
  • May need to access files, supplies and equipment. 
  • Work activity is in an office, open-partitioned, cubicle environment.

 

Perdue Farms, Inc. is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

Job Tags

Temporary work, Flexible hours,

Similar Jobs

Dental Metrics Maven

Dental Assistant Job at Dental Metrics Maven

 ...Job Title: Pediatric EFDA (Expanded Function Dental Assistant) Full-Time or Part-Time Location: Hamilton, OH Compensation: $35 per hour, plus...  ...Ensure patient comfort and create a positive experience for children and parents Prepare and maintain treatment... 

Leidos

Service Desk Tier 2 Support Technician Job at Leidos

 ...education. At least 6 months of experience with the NMCI Service Desk. Candidates currently on a Performance Improvement Plan or...  ...Security + CE. A minimum of three months experience supporting NNPI and/or SIPR in a Tier 1 role. Capability to achieve Flank... 

duvari group

Network Systems Analyst Job at duvari group

 ...Network Systems Analyst Onsite in St. Louis, MO Ready to get hands-on with next-gen network gear? Were looking for a Network Systems Analyst to support a major hardware refresh project replacing Cisco gear with Extreme Networks equipment. What Youll Do... 

Qnity

Research and Development Scientist Job at Qnity

We are seeking a **Research and Development Scientist** to join our R&D team in Cleveland, OH.The Research and Development Scientist will work on a team to develop novel polymer-based materials for thermal and EMI management solutions within the **Laird** Technologies... 

University of Cincinnati

Annual Adjunct, Psychology, College of Arts and Sciences Job at University of Cincinnati

 ...Lives at the University of Cincinnati Founded in 1819, the University of Cincinnati ranks among the nations best urban public research universities. Home to more than 53,000 students, 12,000 faculty and staff, and over 350,000 living alumni, UC, a Carnegie 1...