Apply Now

VP - Cyber Security - Audit, Risk and Compliance

Van Buren Township, MI, USA | General Electric

  • Industry:
    Energy / Renewable Energy / Oil & Gas
  • Position Type:
  • Functions:
    Risk Management
  • Experience:
    12-15 years
Job Description:
71 people have viewed this job

Essential Responsibilities

Essential Responsibilities

This role will be part of the Cybersecurity and Technology Risk organization and will strategically own the Technology Risk and Compliance posture across GE Aviation.

Maintain continuous monitoring, auditing, governance and compliance programs, including contractual compliance programs, relative to cyber compliance and technology risk for GE Aviation

Responsible for global regulatory compliance with requirements such as GDPR, DFARS, UK CES/CSM, FISMA, NIST 800-171 and 800-53, China Cyber Security, Italian Organization, UK Organization, Export Control, etc.

Ensure access management requirements are met for regulatory and compliance requirements at the OS, DB Platform, Full Tech Stack and App layer(s).

Stay abreast of new and emerging regulations with impact to the GE Aviation Digital Technology environment.

Responsible for IT Controllership, including Sarbanes-Oxley and Critical Systems.

Develop, support and enforce applicable policies, standards and guidelines for Digital technology compliance, contractual and regulatory needs.

Responsible for ERP compliance, including HPA and SOD requirements.

Responsible for Software Asset Management across Aviation and compliance to MSAs and MLAs for software packages.

Design and implement metrics to drive an environment of risk-based compliance and continuous controls monitoring.

Responsible for understanding and aligning strategy across peers within the same organization or function.

Communicate and present to Senior leadership, including, but not limited to Company Officers and SEBs.

Responsible for working with US and Foreign Governmental Entities to review Organizationifications to existing and new regulations and requirements that impact GE Aviation’s compliance posture and influencing oCompanyomes to benefit the GE Aviation business.

Responsible for a globally diverse organization and driving continuous improvement throughout organization with a risk-based approach and manner.

Works with cross functional teams and cross-business teams and is responsible for actively challenging direct staff through stretch assignments and efforts to develop future leaders and succession capabilities.

Responsible for results and retention of direct staff to include active development of staff to include career path management, coaching / mentoring, and performance feedback


Basic Qualifications

Bachelor’s Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math)

Minimum of 12 years of professional experience in IT

Eligibility Requirements

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job.

Desired Characteristics

Desired Characteristics

Ideal candidate will have prior experience from E&Y, KPMG, Company, PwC or IT Corporate Audit Staff Graduate (GE Employee only)

CISA, CPA or CISSP certification preferred

Experience in designing, enhancing and implementing detailed wing to wing robust processes

Proven track record of detailed quality documentation delivery to defined standards

Understanding of regulatory and external certifications requirements as they relate to IT for regulations such as DFARS, FISMA, etc.

Experience of implementing and operating Risk Based Testing methodologies

Excellent interpersonal, written/verbal communication and leadership skills with the ability to quickly build credibility, influence and make recommendations to all levels

Outstanding interpersonal, written/verbal communication skills

Knowledge of industry standards, such a NIST 800-53 and 800-171 and requirements for FedRamp compliance

Ability to handle multiple demands and tasks, including time-sensitive and critical issues

Demonstrated ability to manage across a matrixed organization

Ability to take input from multiple stakeholders, complex business and technical requirements

Creative problem solver with strong analytical skills

Strong oral and written communication skills – able to communicate appropriately to technical and management audiences

Strong interpersonal and leadership skills

Demonstrated knowledge of general IT controls, IT risk and security-related standards and technologies

Experience in large global environments spanning multiple time zones

Be highly collaborative with the ability to build consensus across numerous organizations

Knowledge of IT and cybersecurity frameworks, such as ISO, NIST and/or COBIT

Ability to synthesize and communicate complex technology topics to all levels of the organization

Ability to drive oCompanyomes in ambiguous environments

Ability to work across organization and culture

Ability to work under tight deadlines and to prioritize under pressure

Strategic thinker with the ability to create and execute concrete action plans

Strong analytical, project management, and organizational skills


Other companies hiring with Ivy Exec

 Company Logos