Director, Cybersecurity Risk Management
FortreaPoland3 hours ago
Full-timeInformation Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Job Overview
The Director of Cybersecurity Risk Management is responsible for building and maintaining Fortrea’s cybersecurity risk management function. This leader will oversee IT and third-party cybersecurity risk management - collaborating with peers and leaders across IT, global support functions, and business areas to manage cybersecurity risk throughout our global organization. They have proven experience in developing and executing such programs, a deep understanding of the Fortrea business landscape, and the ability to partner with other central functions that manage risk.
Summary Of Responsibilities
The Director of Cybersecurity Risk Management is responsible for building and maintaining Fortrea’s cybersecurity risk management function. This leader will oversee IT and third-party cybersecurity risk management - collaborating with peers and leaders across IT, global support functions, and business areas to manage cybersecurity risk throughout our global organization. They have proven experience in developing and executing such programs, a deep understanding of the Fortrea business landscape, and the ability to partner with other central functions that manage risk.
Summary Of Responsibilities
- Develop and drive the strategy for cybersecurity risk management at Fortrea, positioning it as a business enabler.
- Establish and operate a cybersecurity risk management program designed to identify, report, and respond to cybersecurity risks in accordance with industry standards and frameworks (e.g., NIST CSF, NIST 800-37, ISO/IEC 27001) and regulations (SOX, GDPR, HIPAA).
- Own and drive requirements for cybersecurity risk management tools.
- Identify, assess, and prioritize cybersecurity risks to the organization’s assets and systems.
- Develop and implement risk mitigation strategies and controls to reduce organizational cyber risk.
- Partner with business and IT leaders to educate and ensure effective risk management.
- Manage a diverse team of employees, contractors, and managed service providers.
- Evaluate and assess cybersecurity risks associated with third-party suppliers and service providers to ensure compliance with organizational security standards.
- Collaborate with procurement, privacy, quality, and vendor management teams to streamline the third-party risk assessment process.
- Develop and implement cybersecurity risk mitigation strategies and controls for third parties, including contractual language and ongoing monitoring.
- Oversee cybersecurity audits as required.
- Stay current on the latest cybersecurity trends, threats, and regulatory changes.
- Develop metrics and reporting; create and present regular reports on the organization’s cybersecurity risk posture to senior management and stakeholders.
- Manage the cyber risk register and ensure alignment with enterprise risk management.
- Experience in cybersecurity IT and third-party risk management within a global, highly regulated environment.
- Solid understanding of industry standards (NIST CSF, ISO/IEC 27001, ISO/IEC 31000) and regulations (SOX, GDPR, HIPAA, GCPs).
- Experience managing third-party service providers, consultants, and internal staff.
- Strong presentation, written, and verbal communication skills.
- Ability to think strategically, innovate, and execute effectively.
- Proven experience collaborating across various IT and business domains at both SME and senior leadership levels.
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
- Advanced certifications such as CISSP, ISO 27001, CISM, or CRISK.
- Minimum 7 years’ experience in cybersecurity risk management.
- Minimum 3 years’ experience in people leadership and performance management.
- Fortrea may consider relevant and equivalent experience in lieu of educational requirements.
- Must be able to work in a fast-paced, high-stress environment that requires quick decision-making and effective problem-solving skills.
Key Skills
Ranked by relevanceReady to apply?
Join Fortrea and take your career to the next level!
Application takes less than 5 minutes