Director of Cyber Governance Management (Remote)

The SouthState story is one of steady growth, deep community roots, and an unwavering commitment to helping our customers move forward. Since our beginnings in the 1930s to becoming a trusted financial partner across the South and beyond - we are known for combining personal relationships with forward-thinking solutions.

We are committed to helping our team members find their success while maintaining the integrity of our values: building trust, fostering lasting relationships and pursuing excellence. At SouthState, individual contributions are recognized, potential is cultivated and team members are inspired to achieve their greater purpose. Your future begins here!

SUMMARY/OBJECTIVES

Director of Cyber Governance Management to be responsible for building, implementing, and executing a Cyber Governance Program that will identify, evaluate, and monitor the overall Cyber security Governance profile across the company promoting the effectiveness of the Governance processes. This person is responsible for defining and aligning strategies for the governance and team andensuring centralized, clear and consistent Cyber Requirements are communicated to appropriate audiences

The Director of Cyber Governance Management will drive the business in achieving its' objectives through the proactive evaluation and enhancement of the cyber Governance program activities and controls that prevent or mitigate the impact of cyber risk.

ESSENTIAL FUNCTIONS

* Lead the development and implementation of effective governance (Standards, Policies and Practices) to secure sensitive data and ensure security and compliance with contracts, regulatory requirements, and industry standards

* Build the Cyber Governance structure and methodology for clear, efficient and practical implementation of key control requirements & best practices.

* Collaborate with Legal, Privacy, Compliance, and key business leaders to identify information management and protection laws and regulations and implement actions to ensure compliance
* Establish annual and long-term goals, defining governance strategies, metrics, and reporting mechanisms

* Develop strategies and action plans to drive security maturity requirements & best practices in areas where controls are deficient.

* Collaborate across Legal, Information Security and Compliance Teams, IT teams, HR, and ERM in the development of security best practices and procedures

* Lead the development of executive and board level communications as related to corporate cybersecurity governance posture

* Supports Develop and manage Cyber Control Testing & Assurance Program within the confines of the overall guidance provided by the ERM group
* Develop, document, and assess measures, metrics, and internal controls related to cyber security program maturity
* Collaborate and support in the Development of Cyber Risk Management Strategy, Framework and Approach.
* Integrate cyber security governance reporting and aggregate reporting into an Enterprise Governance Framework.
* Provide briefings to leadership and advise of critical issues that may affect business or enterprise cybersecurity objectives in partnership with the Chief Information Security Officer
* Partner with Cyber Compliance, Cyber Architecture, and Cyber Engineering, to articulate Cyber requirements, controls, strategies, solutions, and recommendations to improve governance and reduce components, systems, or enterprise security risk
* Recommend programs to enhance maturity in Security and track their progress
* Evaluate existing Governance monitoring metrics and tools, develop metrics and insights, and seek to enhance maturity of analytics.
* Manage the Cyber Security Governance program developed in coordination with the ERM group. Develop Requirements program schedule based on evaluation of the changing requirements, standards and best practices landscape.

* Set team's goals and coach team members to attain maximum productivity through motivation and dedication.

* Identify Team Development Opportunities and budget/plan for team growth.

* Propose budget changes and monitor budget variances

Qualifications, Education, and Certification Requirements

* Bachelor's degree preferred in information security, Information Technology, Audit, Risk Management
* 10+ years of progressive Information Security, IT Governance, Cyber Risk Management, and/or Auditing & Assurance

Knowledge of regulatory and industry best practices authoritative sources

Experience with financial regulations, standards, and best practices such as SOX, GLBA, OCC Heightened Standards, PCI DSS, FFIEC, and/or CRI.

Experience with PCI DSS, technical audit, and/or compliance assessments.

Experience leading and managing PCI DSS compliance and program activities such PCI readiness assessments, QSA assessments, consultations, and ongoing monitoring.

Experience developing and implementing a robust Cyber Governance Framework.

Experience with UCF & CRI Profile Tooling

Experience with financial regulations and industry best practices.

Experience with Automated Governance Approach leveraging industry recognized GRC solutions such as Archer, ServiceNow, KeyLight etc.
* 3-5 years' experience managing cross-functional, multi-business unit projects reflective of leadership role.
* Experience building and/or growing a Cyber Security program.

Certifications: CGEIT, CRISC, CISSP, CISA, CISM etc.

PHYSICAL DEMANDS

Must be able to effectively access and interpret information on computer screens, documents, and reports. This position requires a large amount of time in front of a computer. This can be done sitting or standing with use of the right desk.

WORK ENVIRONMENT

This position is located in a private office. With Telecommuting available. Telecommuting roles no matter if hybrid or 100% full time telecommuting must have a secure home office environment that is free from background noise and distractions. They must also have a reliable private internet connection that is not supplied by use of cellular data (hot spot). Cable or fiber connections are preferred. Requirements are subject to change, as new systems and technology is delivered.

TRAVEL

Travel may be required to come to meetings as needed.

Benefits | SouthState Careers

Equal Opportunity Employer, including disabled/veterans.