Job Description


Sr. Director, Security Governance, Risk, and Compliance

Category: Corporate Office
Location: 5501 Headquarters Dr, Plano Texas 75024
Job ID: 326676
Job Description:

JOB PURPOSE:

The Sr. Director of Security Governance, Risk, and Compliance provides leadership and security expertise to develop and manage the information security analysts within the operations and engineering teams. Additionally, the role is responsible for leading strategic initiatives, interfacing with senior executives and driving the Information Security Steering Committee, along with maintaining strong working relationships with other business and IT leaders throughout Rent-A-Center.

 

KEY RESPONSIBILITIES:

  • Lead the information security governance, risk, and compliance team to ensure business, privacy, and regulatory objectives are met.
  • Establish goals and priorities for the team and adjust direction as needed to respond to organizational, technology, and industry changes.
  • Maintain key business function and application maturity capability framework to assist leaders in guiding and influencing security strategy.
  • Prepare governance reporting capabilities to guide discussion with business and IT leaders in the context of the Information Security Steering Committee.
  • Create regular governance reporting on information security compliance.
  • Support audit/inspection awareness and preparedness, and provide coaching and guidance as a compliance expert.
  • Continuously work to automate and simplify processes to make it easier to get work done.
  • Lead assigned Risk Management efforts to address compliance gaps, conduct risk assessments, and define and implement remediation plans.
  • Able to navigate and contribute to Rent-A-Center’s dynamic officer community, challenging where appropriate for the success of Rent-A-Center and our customers.
  • Drives a culture of community and inclusion across IT and the greater organization.
  • Advances RAC’s Mission of “Improving the quality of life for our coworkers and our customers.”
  • Ensure the company’s technological processes and services comply with all requirements, laws, and regulations.

REQUIREMENTS:

  • 10+ years of experience working in a technology environment.
  • Experience developing and implementing structure and best practices while maximizing productivity in a fast-growing corporate environment.
  • Extensive knowledge of business risk, risk assessment and risk-based decision making.
  • Able to communicate security and risk-related concepts to both technical and non-technical audiences.
  • A natural influencer and coalition builder; passionate about building high-performing teams.
  • Ability to inspire and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals; an innovative leader, problem solver and consultant.
  • Ability to evangelize IT security to make it a critical part of business operations; build trust and respect for the security function.
  • Excellent written and verbal communication, interpersonal and collaborative skills.
  • Experienced with contract and vendor negotiations.
  • Ability to effectively prioritize and execute tasks in high-pressure situations.
  • Knowledge of security, risk and control frameworks and standards.
  • Understanding of cloud, SaaS, and IoT architectures, and their implications on information security strategy.
  • Security acumen and experience including but not limited to: governance, risk, compliance, privacy, SOX, and PCI.
  • Ability to handle confidential matters.
  • Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials.
  • Knowledge of common information security management frameworks, such as NIST, including 800-53 and the Cybersecurity Framework, is desirable.

 
