Join us as we pursue our disruptive new vision to make machine data accessible, usable and valuable to everyone. We are a company filled with people who are passionate about our product and seek to deliver the best experience for our customers. At Splunk, we’re committed to our work, customers, having fun and most importantly to each other’s success. Learn more about Splunk careers and how you can become a part of our journey!
Splunk is the leader in big data, machine learning analytics with a significant presence in the cyber security market. Splunk is seeking a Director of Security Governance to join the Security Trust Office within Splunk Global Security (SGS). The Director is a people leader with direct reports and responsibilities including hiring, training, talent management, and development. The position is accountable for leading the security policy lifecycle, Information Security Management System (ISMS) program delivery, and measurement and oversight of the enterprise security program across multiple functions. The position is also responsible for designing, implementing, and chairing the Security Governance Committee, collaborating with a cross-functional team. Experience with developing, leading and overseeing security governance programs in a globally regulated enterprise and significant enterprise cloud footprint is strongly preferred.
- You are an influential people leader who is focused on developing a world class function by hiring and developing top talent
- You will act as an authority in Security Governance and Security Program Management
- You are deeply skilled in applying industry standard control frameworks to an enterprise environment
- You are capable of communicating effectively to technical and non-technical audiences at various levels in the organization
- You are proficient in developing and maintaining policies, standards, and guidance artifacts from ideation to retirement
- You are skilled in conducting cross-functional requirements gathering workshops, tracking and influencing action
- You have experience in building security roadmaps and plans to address identified risks
- You will own and maintain the policy exceptions process
- You will develop dashboards and metrics to represent the security governance program performance for cross-functional stakeholders and executive management
- You will drive training and awareness of the security policy library and associated processes for key business partners
- You will enable the maturation of the security program functions within the security team and with key business partners
- You will develop and implement a technology and data-driven approach to ensure the governance processes are efficient, scalable and repeatable
- 12+years experience in a security governance, risk, compliance, or operations senior level leadership role; including two (2) years of accountability leading a security governance program
- Minimum five (5) years experience as a people leader with responsibility for direct reports
- Expert level knowledge of information technology processes and controls along with a deep understanding of one or more of the following security control frameworks; ISO, NIST, UCF, Cloud Security Alliance (CSA), CIS Controls
- Experience working with Enterprise GRC management platforms (Archer, ProcessUnity, OneTrust, ZenGRC, etc.)
- At least one current professional certification is required, such as CISM, CISSP, CRISC, CISA, or GIAC
- Solid grasp of security governance concepts - policy management, control frameworks, program maturity, risk appetite, risk management, US and International laws and regulations
- Excellent written and verbal interpersonal skills
- Highly organized, self-starter with the ability to work individually, within a team, and partner with external stakeholders
- Possess high ethical standards, level of commitment, and ability to manage complexities
- You are able to lead in the planning, coordinating and monitoring of multiple projects and tasks in a fast-paced environment
- Bachelor's Degree or equivalent work experience required
- Applicants must be currently authorized to work in the United States on a full-time basis.
We value diversity at our company. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or any other applicable legally protected characteristics in the location in which the candidate is applying.
For job positions in San Francisco, CA, and other locations where required, we will consider for employment qualified applicants with arrest and conviction records.
(Colorado only*) Minimum base salary of $135,000. You may also be eligible for incentive pay + equity + benefits. Note: Disclosure per sb19-085 (8-5-201 et seq).