Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

ATT AVP-Cybersecurity - Tech Risk- Cyber Third-Party Management 
United States, Georgia, Atlanta 
994347963

01.08.2024

Job Description:

As AT&T Technology Risk AVP – Cyber, Third Party, SDLC, and SecMod/EOSL Lead, you will be responsible for providing independent oversight of the company’s Cybersecurity, Technology Third Party Management, SDLC, and SecMod/EOSL control functions in accordance with the Technology Risk Program. Increasing levels of regulatory requirements demand additional risk management rigor, and we must implement highly resilient, reliable, and effective solutions that meet and in some cases exceed performance standards found in other information rich industries. You will provide leadership and support for Technology Risk initiatives across the business and advocate for best practices, while incorporating an independent oversight lens. You will utilize risk-based management to integrate information and technology risk processes into the way AT&T operates.

Reporting to AT&T’s Vice President of Technology Risk, you will lead a team responsible for identifying, assessing, responding to, and monitoring risks pertaining to information security, use of technology third parties, software delivery, and end-of-service/end-of-life. You will ensure that regulatory / risk policies and standards and their impact on business operations are understood and addressed consistently across AT&T, and that technology risks of new and existing technology facilities, as well as third party facilities, are assessed, monitored, and remediated as necessary. You will help to provide coverage for regulatory issues with our global technology partners and assist with regulatory exams, requests, and meetings.

Responsibilities

  • Lead the Cyber, Third Party, SDLC, and SecMod/EOSL risk advisory team in accordance with the Technology Risk Program and in support of compliance initiatives within respective business units / functions
  • Provide thought leadership on, as well as, manage the development of Technology Risk policies, processes, frameworks and oversee the integration and implementation of proposed solutions
  • Ensure IT Standards and Policies are fit for purpose and are appropriate from a regulatory, risk and compliance perspective
  • Provide expertise to business units around emerging technology risk topics
  • Work with applicable business, operational and IT organizations to help ensure that business and IT projects are appropriately monitored for IT risks
  • Provide subject matter advice to technology and business leaders in support of Tech Risk compliance initiatives
  • Support Tech Risk teams responsible for risk monitoring, periodic controls testing, evidence collection, remediation and audit readiness efforts
  • Support efforts to improve the Technology Risk Program’s onboarding capabilities, with the goal of facilitating and streamlining Program adoption, and simplifying the process for business units to understand and comply with Program requirements/controls
  • Periodically assess Technology Program capabilities and associated maturity levels to identify Program enhancement opportunities
  • Develop strong relationships and interact with Senior Leadership, Business Unit Heads, Global Functions, Internal Audit, External Regulators, Legal and Compliance, Privacy and IT teams to coordinate activities
  • Develop and deliver executive-level IT risk presentations to describe risk exposures and actions required
  • Support Vice President of Technology Risk with escalation of high risk observations to executive leadership
  • Support teams conducting risk and control assessments of new and existing business capabilities
  • Represent AT&T’s interests to appropriate industry and standards forums and advise the Vice President of Technology Risk concerning topics and trends pertaining to information technology risks

Qualifications

  • 10-15 years of work experience in technology, operational risk management, or a related discipline at a global company
  • Significant (10+ years) experience in multiple industry risk, control and governance disciplines (e.g. Audit, Information Security, and Regulatory Compliance)
  • Deep experience in:
    • Information security risk and cybersecurity control capabilities in an ownership or oversight capacity
    • Third party risk and technology third party management control capabilities within technology organizations or in an oversight capacity
    • Software development risk and SDLC control capabilities within technology organizations or in an oversight capacity
    • Managing technology asset end-of-life/end-of-service and security modernization initiatives within technology organizations or in an oversight capacity
  • Experience designing, implementing, and sustaining programs that effectively manage risk throughout the risk management lifecycle; including:
    • Strategic technology risk advisory
    • Risk identification, including emerging risks
    • Maturity and risk assessment, scenario analysis
    • Risk response, mainly issue remediation
    • Risk monitoring
    • Policy and committee governance
  • Demonstrated success in remediating self-identified, internal / external audit, and regulatory / compliance issues
  • In-depth understanding of information technology and best practices across the industry as well as project management principles
  • Extensive knowledge of information and technology risk management policies, methods, standards, tools, and processes (e.g. ISO, COSO, COBIT, NIST) as well as knowledge of compliance, legal, internal / external audit & regulatory requirements
  • Ability to weigh business needs against risk concerns and effectively articulate issues to different audiences
  • Strong expertise in the collaboration, facilitation and coordination of the mitigation of risks. Adept at navigating governance structures. Ability to manage and analyze data. Experience raising awareness of information and technology risk throughout an organization
  • Understanding of metrics development and reporting. Strong problem solving and program execution skills. Ability to prioritize and drive difficult decisions among business partners.
  • Ability to solve very complex risk issues that span legal, compliance and regulatory obligations across various lines of business and shared service areas of the company
  • Strong client relationship management experience, communication, and influencing skills
  • Strong interpersonal and oral/written communication skills, able to build relationships with people at all levels. Experience developing and delivering presentations to all levels of management. Strong ability to develop, lead and manage a professional staff

Desired Qualification

  • BS required and advanced degree preferred

Our Our AVP - Cybersecurity, earn between $206,900 - $347,500. Not to mention all the other amazing rewards that working at AT&T offers. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

  • Medical/Dental/Visioncoverage
  • 401(k) plan
  • Tuition reimbursement program
  • Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
  • Paid Parental Leave
  • Paid Caregiver Leave
  • Additional sick leave beyond what state and local law require may be available but is unprotected
  • Adoption Reimbursement
  • Disability Benefits (short term and long term)
  • Life and Accidental Death Insurance
  • Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
  • Employee Assistance Programs (EAP)
  • Extensive employee wellness programs
  • Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone

A career with us, a global leader in communications and technology, comes with big rewards. As part of our team, you’ll lead transformation surrounded by trailblazing industry leaders like you. You’ll be empowered to go above and beyond – making a difference through company-sponsored initiatives or connecting and networking through one of our many employee groups.

And regardless of where you’re at in your career trajectory, you’ll be rewarded by the impact that comes with making a difference in the lives of millions.

With AT&T, you’ll be a part of something greater, do incredible things and be rewarded with a chance to change the world.

AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, State, and local laws.

Apply today.

USA:GA:Alpharetta / 300 North Point Pkwy - Dat (owned):300 North Point Pkwy


Salary Range:

$206,900.00 - $347,500.0008/01/2024