Director, Cybersecurity Governance

OneAmerica | IT & Cybersecurity | 9+ Years

Job Description

At OneAmerica, we deliver on promises when customers need us most.  We believe the best way to serve our customers is to know that every individual, employee, family and business we work with has unique personal and financial goals.  We keep our promises, so we can help them achieve their goals and realize their definition of financial success.

Job Summary

The Director, Cybersecurity Governance is responsible for developing, implementing, and managing a high-quality and efficient Cybersecurity Governance program that identifies, assesses, and manages IT risks, and implements policies, standards, and controls that enable compliance with applicable laws and regulations.  This individual uses strong judgment and an understanding of information security concepts to collaborate with stakeholders in solving complex issues to enable risk reduction for the organization.

Primary Responsibilities:

Develop, implement, and maintain a Cyber risk framework and metrics that enable communication of key threats, risks, effectiveness of security controls, and key risk and performance metrics (KRIs, KPIs).
Support and oversee Cybersecurity risk assessments, identify gaps, and prioritize areas of risk and non-compliance into plans of action and milestones.
Work cross-functionally with Business and IT stakeholders in development and delivery of information security controls and programs that enable risk reduction in the organization.
Identify and monitor enhancements to security capabilities to improve organizational maturity.
Develop and revise information security policies, standards, and controls designed to mitigate risks and support assessment of information security maturity and capability.
Assist in strategy for managing audits, compliance obligations, and external assessment processes for internal/external auditors.
Coordinate risk management activities with other teams and departments, including Enterprise Risk Management (ERM) and Vendor Management Office (VMO), to ensure alignment and share best practices.
Develop and monitor continuous process optimization for governance processes.
Assist the CISO with information security program strategy, direction, operations, and budgeting.
Perform other duties as assigned to ensure the smooth functioning of the department and maintain the reputation of the organization as a viable business partner.

Job Requirements

Required Education and/or Certifications

Bachelor of Science in Computer Science, Information Systems Management, or equivalent degree/experience.
Possess industry certifications (CISSP, CISA, CRISC, etc.) or be willing to obtain.

Recommended Education and/or Certifications

Possess degree in Computer Science, Information Systems, Cybersecurity or equivalent
Preferred Certifications: GCIH, GPEN, OSCP

Required Work Experience

10+ yrs. of related experience in Cybersecurity/IT Risk Management fields, or equivalent experience
Experience implementing or working with Cybersecurity GRC programs.
Familiarity with SOC1 and SOC2 reporting and process preferred
Skills in documenting risk and compliance activities
Or any combination of education and experience which would provide an equivalent background

Salary Band: 07C

As a condition of employment, OneAmerica requires that all new hires who receive a job offer on or after April 18, 2022 provide evidence of full or partial vaccination against COVID-19 within three days of accepting an offer letter with OneAmerica and before employment begins. If applicable, new hires must submit proof that they have received the second dose of a two-dose COVID-19 vaccine within 30 days after their first dose is complete. If a new hire wishes to submit a request to be exempt from the mandatory COVID-19 vaccination policy due to a medical condition, sincerely held religious belief or other legal requirement, the associate will have three days after an offer of employment has been accepted to submit their exemption request for review and consideration by OneAmerica.

The selected candidate will be expected to work hybrid in Indianapolis, IN. The candidate will also be expected to physically return to the office in IN as business needs dictate or for team-building and collaboration.

If you are offered and accept this position, please be advised that OneAmerica does not have any offices located in the State of New York and OneAmerica associates are not permitted to work remotely in the State of New York.

Disclaimer:  OneAmerica is an equal opportunity employer and strictly prohibits unlawful discrimination based upon an individual’s race, color, religion, gender, sexual orientation, gender identity/expression, national origin/ancestry, age, mental/physical disability, medical condition, marital status, veteran status, or any other characteristic protected by law.

For all positions:

Because this position is regulated by the Violent Crime Control and Law Enforcement Act, if an offer is made, applicants must undergo mandated background checks as a condition of employment. Such background checks include criminal history. A conviction is not necessarily an absolute bar to employment. Consistent with applicable regulatory guidelines and law, factors such as the age of the offense, evidence of rehabilitation, seriousness of violation, and job relatedness are considered.

To learn more about our products, services, and the companies of OneAmerica, visit

Posted On

April 20, 2022