What does a successful VP, Cybersecurity and Technology Policy and Standards do at Fiserv?
You will lead a small team of risk professionals that proactively and strategically partner with Fiserv cybersecurity, technology leaders, and subject matter experts to deliver industry-leading policy, standards, procedures, and other technical guidance that define processes and controls to manage cybersecurity and technology risk.
What you will do:
- Maintain the document inventory, forward-looking review schedule, and document ownership to establish clear accountability for maintaining the documents, completing regular reviews, and translating documents when required
- Use a structured change management process to continuously identify, capture, and track the status of document changes required from internal and external sources including assessing Fiserv Standards for adherence to new/changed regulatory requirements and industry standards
- Oversee delivery of plans to develop and update documents with key stakeholders, maintain and measure adherence to a document quality management framework that includes style guides, templates, checklists, and quality metrics
- Communicate new/materially changed documents and raise enterprise-wide awareness about their requirements which includes maintaining a digital presence on the Fiserv intranet site
- Maintain the control catalog, and a related data model, that defines the cybersecurity and technology control universe used for strategic planning, control evaluation, and risk assessments
- Maintain a reference library of authoritative regulatory and industry sources used to maintain the document set/related glossary
- Maintain requirements and drive adoption of document management tooling that leverages automation to support document versioning, publishing, archival, change management, and reporting
- Continually monitor, regularly report, and escalate service delivery status timely using key performance indicators (KPIs) and trend information
What you will need to have:
- 12+ years’ experience in document management and cybersecurity/technology risk management processes including interpreting and applying industry standards (e.g., NIST, CobiT, and ITIL) and regulatory requirements (e.g., US FFIEC Information Technology Handbooks) to corporate policy and standards
- Experience doing fact-based research and quickly synthesizing complex data and requirements to reach appropriate conclusions. Ability to articulate complex ideas in a clear and concise manner to a non-technical audience
- Experience developing talent and leading virtual teams to achieve common goals
- Ability to set direction, mobilize efforts, and drive to completion clearly/consistently
- Bachelor’s degree in cybersecurity, data science or an equivalent combination of education, work, and/or military experience
What would be great to have:
- 15+ years in the Financial Services Industry, with a focus on cybersecurity and technology risk and control management
- Professional certifications like CISSP or CISA
#LI-RM1
R-10358764
