The Cybersecurity Program Manager is an important role in leading customer-facing Cybersecurity objectives and initiatives including Public Sector programs within the United Kingdom. This role will support the overall vision of the Cybersecurity Program at Cornerstone OnDemand. This position is part of the global Cybersecurity Engineering and Assurance team and reports into the AVP, Quality & Risk Management.
In This Role You Will...
- Lead customer-facing Cybersecurity objectives and initiatives including Public Sector programs within the United Kingdom
- Partner with the global Cybersecurity Risk Management program to ensure identification, communication, and management of company-wide Cybersecurity Risks
- Manage Cybersecurity Risks, Supplier Assurance, and customer security audits/assessments
- Support the operational management of key security frameworks such as ISO 27001, Cyber Essentials Plus, ISO 42001, etc.
- Support the global business impact assessments and risk assessment program
- Work closely with the global Cybersecurity Engineering and Assurance team to implement security standards across the organization
- Interface and partner with cross-functional leaders from Engineering, Cloud Operations, IT and other functions to develop, manage and maintain effective security plans and controls
- Identify business, cybersecurity, and technology risks, evaluate internal controls to treat risks, and develop opportunities to continuously improve internal security controls
- Work with control owners to ensure control objectives and activities meet compliance standards for effectiveness and evidence, and to ensure operational efficiencies
- Recommend updates to security policies, standards, and procedures to address new industry practices, requirements and standards based on security and compliance requirements
You've got what it takes if you have...
- 5+ years demonstrated experience in program, project, and process management and improvement
- 5+ years demonstrated experience in a global technology organization (preferably SaaS) in a related role.
- Significant knowledge and experience with the operational management of key Security, Risk management & Governance frameworks such as ISO 27001, Cyber Essentials Plus, ISO 42001, etc.
- Significant knowledge and experience managing Public Sector controls and regulatory compliance
- Advanced knowledge of latest security tools, technologies and security control industry best practices
- Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism
- Experience in metrics, maintaining dashboards and executive reporting
- Proficiency in data analysis, documentation and articulation skills with excellent communication, presentation and collaboration skills
Preferred Certifications:
- CISP, CISM, CISA, CRISC, or equivalent