As the world around us becomes more connected and more digital, there are increased opportunities for disruption due to cybersecurity attacks. The need for companies, products, and services to be secure is more important than ever in this constantly changing landscape.
The HP Program Manager - Cybersecurity Risk Management is responsible to lead important cybersecurity programs across enterprise operations for a complex global company.
The role includes partnering with teams within our enterprise operations organization to review business operations, identify areas of cybersecurity risk, and drive the implementation of ongoing cybersecurity practices and process improvements.
The person in this role will be responsible to identify and implement a strategy and plan to drive remediation and closure of cybersecurity risks that have already been identified. This includes communicating with key stakeholders, influencing business prioritization and funding requirements, and tracking milestones against committed timelines.
In this role, you will be responsible for the development of key relationships across the business to become a trusted partner and subject matter expert to train and influence on cybersecurity initiatives.
As cybersecurity trends and risks continue to evolve, this role will play a key function in keeping business operations aligned with current and future cybersecurity risk management best practices.
The position reports to the Enterprise Operations Cybersecurity Business Information Security Officer (BISO) and works closely with teams across IT, HP Corporate Cybersecurity, Supply Chain Operations, Legal, and Business Units to help protect HP’s infrastructure and products.
This is a hybrid work position which requires both in office work and the flexibility of some work from home.
Responsibilities
Drives complex projects from initiation to completion including identifying key stakeholders, reviewing business processes, and recommending cybersecurity process improvements to business operations
Provides leadership and guidance about cybersecurity new and best practices to business operations teams
Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization
Work directly with the IT units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk
Provide regular reporting on the status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program
Partners with business operations and third-party partners to assess compliance to cybersecurity standards and drives cybersecurity risk management process improvements
Creates and presents risk management reports, scorecards, and briefings as required
Understands HP’s business and operations strategy and how cybersecurity fits into business success
Monitors industry cybersecurity threats, cybersecurity best practices, regulatory changes, corporate updates, and geo-political changes impacting HP’s operations
Education & Experience Recommended
Bachelor’s degree required, preferably in project management, computer science, information systems, cybersecurity, or related area of study
Typically 7-10 years of relevant experience; program management, project management, cybersecurity, IT operations
Excellent program management skills including the ability to evaluation complex business processes, develop a structure and scope to review the process, and developing methods, techniques, and criteria to improve cybersecurity practices in business operations
In-depth Cyber and IT security knowledge and understanding of Cyber and IT security risks, threats, and prevention measures
Superior verbal and written communication in English, leadership, consulting, influence, negotiation, presentation, and problem-solving skills
Prefer certification as a Lean or Six Sigma green belt
Have or obtain upon hire Technical Cyber Security Certification through one of the recognized bodies preferred: (ISC)2, CompTIA, ISACA, etc.
About the Team
The Enterprise Operations Cybersecurity team is a key pillar of the IT and Supply Chain organizations responsible for protecting our supply chain and products against cyber threats. This team is a group of cybersecurity and supply chain professionals who collaborate with business and functional stakeholders as trusted advisors to effectively manage cybersecurity risks in our manufacturing supply chain operations.
Disclaimer
This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.