Senior Director, Technology Governance, Risk, and Compliance (R-12401)

Short Hills (Hybrid) - New Jersey - United States

Applications have closed
Why We Work at Dun & Bradstreet

Dun & Bradstreet unlocks the power of data through analytics, creating a better tomorrow. Each day, we are finding new ways to strengthen our award-winning culture and accelerate creativity, innovation and growth. Our 6,000+ global team members are passionate about what we do. We are dedicated to helping clients turn uncertainty into confidence, risk into opportunity and potential into prosperity. Bold and diverse thinkers are always welcome. Come join us!
As Senior Director, Technology Governance, Risk, and Compliance (GRC), you will have the opportunity to design and deliver the risk-based GRC program and automation capabilities that will empower Dun and Bradstreet to deliver customer trust at scale.
In this role, you will develop a forward-thinking GRC vision for Dun and Bradstreet and lead significant efforts, including elegantly achieving and maintaining key certifications, reimagining how to manage risk from third parties, and driving capability integration across GRC, Risk, and Privacy to drive rapid risk mitigation and speed cyber threat response.
To be successful in this role, you will be a cyber governance and compliance leader who brings creative and visionary thinking to everything you do. You will challenge status quo thinking and improve the current GRC program and culture around modern risk management principles. You will have a clear vision of how to support a rapidly scaling company and build a GRC program with an “automation first” approach. You will be an enthusiastic technical communicator who effectively orchestrates cyber risk-reduction activities and enjoys visibility with company leadership. This role reports to the CISO.

What You'll Do

  • Build, run, and retain a motivated, high-functioning team of GRC experts.
  • Evaluate, develop, own, and continuously improve Dun and Bradstreet technology governance, risk, and compliance processes.
  • Establish a common controls framework inclusive of regulatory, customer, industry, and other cybersecurity and privacy requirements.
  • Develop a consolidated certification program to include achievement and/or maintenance of SOC 2, ISO 27001/17, HIPAA, PCI DSS, and/or other certifications.
  • Aggressively identify and exploit opportunities for automation and shared processes to reduce complexity and manual effort.
  • Oversee and lead responses to audits and risk assessments, including driving ongoing audit readiness across the business.
  • Work across business and technology partners on process and control improvements.
  • Oversee and lead third-party risk management programs and activities.
  • Drive and evolve technology risk management processes, including improving the maturity of cyber risk metric collection and analytics to support effective risk decision-making.
  • Support all customer RFIs and contract negotiations, globally, and build security as a business enablement solution.
  • Streamline and automate the process to support the increasing number of audit requests from D&B customers.
  • Acquire and implement technologies to manage the GRC function.

What You'll Need to Have

  • Prior experience (5-10 years) in cybersecurity/IT governance, risk, and compliance management roles with progressively increasing levels of responsibility.
  • Strong practical knowledge of common technology control and risk management frameworks such as NIST CSF, Secure Controls Framework (SCF), the ISO 27000 series, and SOC 2, and of compliance regimes such as Sarbanes-Oxley, GDPR, CCPA, etc.
  • Prior experience establishing or refreshing GRC or cybersecurity programs.
  • At least one of the following relevant certifications: CRISC, CISM, CISA.
  • GRC automation experience highly desired (e.g., RSA Archer, ZenGRC, Whistic, JIRA).
If this opportunity excites you, please contact Amanda Mincey for more information.
#LI-AM3


FOR US APPLICANTS - Equal Employment Opportunity (EEO): Dun & Bradstreet is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, age, national origin, citizenship status, disability status, sexual orientation, gender identity or expression, pregnancy, genetic information, protected military and veteran status, ancestry, marital status, medical condition (cancer and genetic characteristics) or any other characteristic protected by law.
We are committed to Equal Employment Opportunity and providing reasonable accommodations to qualified candidates and employees. If you are interested in applying for employment with Dun & Bradstreet and need special assistance or an accommodation to use our website or to apply for a position, please send an e-mail with your request to acquisitiont@dnb.com. Determinations on requests for reasonable accommodation are made on a case-by-case basis.
