Hearst Technology, Inc, Information Security Office seeks a Director of Governance, Risk and Compliance. 
This hands-on position will oversee the Hearst Governance Risk and Compliance (GRC) team. Ensures the overall effectiveness of the Hearst Information Security Risk Management program.
Hearst is a leading global, diversified media, information, and services company with over 360 businesses. Its major interests include ownership in cable television networks; global financial services leader Fitch Group; Hearst Health; Hearst Transportation; 33 television stations; 24 daily and 42 weekly newspapers; more than 300 magazines around the world; digital services businesses; and investments in emerging digital entertainment companies.
Responsibilities:
•    Responsible for the security Information Security Governance, Risk and Compliance management function.
•    Build and manage a high performing team of risk professionals through recruitment, training, coaching, and performance management
•    Build and maintain successful stakeholder relationships with technology and business executives by developing a clear understanding of business needs, acting as a trusted advisor, and ensuring cost-effective delivery of security services to meet those needs
•    Educate risk owners on risk management best practices and work with other risk functions (e.g., Internal Audit and Legal) in the development and implementation of risk controls and treatment plans
•    Continuously improve the Information Security Risk Management Program
•    Develop and maintain all relevant documentation, policies, standards, guidelines, and frameworks, embedding controls into process across the business and technology units
•    Assists in the early identification of risk trends by establishing and monitoring key performance and key risk indicators via Risk and Business Impact Assessments
•    Oversee global security awareness strategy and programs fostering a culture where security is everyone’s responsibility
•    Manage Compliance programs across business units e.g., PCI, HIPAA, Privacy, Internal/External Audits, and 3rd Party Vendor Management
•    Advise senior management on risk reduction practices and influence process change
•    Assist the CISO to develop strategic plans and roadmaps
Requirements / Qualifications
•    10 + years of security experience in relevant security domains (e.g., compliance, audit, security risk management), with 5+ years of management experience
•    Experience implementing and maturing risk frameworks based on NIST, ISO, PCI, HITRUST and SOC2
•    Experience implementing privacy program control frameworks based on privacy regulations such as CCPA and GDPR
•    Experience managing internal/external audits 
•    One or more industry certificates e.g., CISM, CRISC, CISA, CIPM, CISSP
•    Experience recruiting and building out high performing, global security teams
•    Demonstrated customer-first mindset
•    Outstanding communication, conceptual thinking, change/project management, analytical, and problem-solving capabilities
•    Consistent track record owning project/work activities, balancing multiple priorities delivering results

In accordance with applicable law, Hearst is required to include a reasonable estimate of the compensation for this role if hired in New York City.  The reasonable estimate, if hired in New York City, is $175,000-$210,000.  Please note this information is specific to those hired in New York City.  If this role is open to candidates outside of New York City, the salary range would be aligned to that specific location.  A final decision on the successful candidate’s starting salary will be based on a number of permissible, non-discriminatory factors, including but not limited to skills and experience, training, certifications, and education.  Hearst provides a competitive benefits package, including medical, dental, vision, disability and life insurance, 401(k), paid holidays and paid time off, employee assistance programs, and more.

In accordance with applicable law, Hearst is required to include a reasonable estimate of the compensation for this role if hired in New York State.  The reasonable estimate, if hired in New York State, is $175,000-$210,000.  Please note this information is specific to those hired in New York City.  If this role is open to candidates outside of New York State, the salary range would be aligned to that specific location.  A final decision on the successful candidate’s starting salary will be based on a number of permissible, non-discriminatory factors, including but not limited to skills and experience, training, certifications, and education.  Hearst provides a competitive benefits package, including medical, dental, vision, disability and life insurance, 401(k), paid holidays and paid time off, employee assistance programs, and more.