Global Security Governance & Assurance Director

Key Responsibilities:

Enterprise Security Governance

• Design and lead the integrated governance framework spanning all security domains: cyber, physical, product and services security, supply chain security, and data protection.
• Ensure governance frameworks and policy structures are synchronized with AI governance principles and emerging technology oversight led by the Director of AI Governance.
• Oversee the lifecycle of enterprise security policies, standards, and procedures, ensuring consistency and alignment across diverse security functions and geographies.
• Chair or support cross-functional governance forums to drive policy decisions, risk escalations, and investment prioritization.

Security Risk Management & ERM Ownership

• Serve as the primary ERM authority under the CSO/CAIO, responsible for maintaining the security enterprise's risk register and aligning with corporate ERM processes.
• Lead quarterly risk reviews and executive-level reporting across all security domains.
• Collaborate with domain risk owners (AI, cyber, physical, product, and supply chain) to assess, document, and mitigate enterprise-level risks.
• Provide independent oversight and validation of security controls, resilience planning, and compliance frameworks.
• Coordinate with internal audit, legal, and corporate risk teams to ensure integration of security risks into the broader enterprise risk posture.

Security Assurance & Compliance

• Develop and manage assurance programs that evaluate effectiveness of controls, operational readiness, and continuous improvement across all security functions.
• Partner with internal teams to ensure security compliance with regulatory requirements, industry standards, and customer commitments.
• Collaborate with the AI Governance function to ensure assurance activities reflect the evolving expectations for AI security, transparency, and responsible innovation.
• Lead readiness assessments and post-incident validations, including red team exercises, audits, and executive simulations.

Business Alignment & Enablement

• Act as a strategic advisor to business leaders, helping balance innovation and agility with security governance obligations.
• Embed governance and assurance into the design and rollout of new products, services, business models, and operational capabilities.
• Ensure policy and assurance mechanisms support secure and ethical use of AI and emerging technologies.

Team & Program Leadership

• Build and manage a high-performing governance and assurance team with expertise across multiple domains.
• Foster a culture of ownership, transparency, and continuous improvement in governance and risk management practices.

Basic Qualifications:

• Bachelor's degree in Information Security, Risk Management, Engineering, Business, or a related field; Master's degree or industry certifications (e.g., CISA, CRISC, CISSP, ISO Lead Auditor) preferred.
• 15+ years of leadership experience in enterprise security governance, assurance, or risk management, ideally spanning multiple security disciplines.
• Proven track record of establishing integrated governance and assurance programs across cybersecurity, physical security, and supply chain or product security.
• Strong knowledge of global regulatory frameworks (e.g., SOX, GDPR, NIST, ISO, PCI) and risk assessment methodologies.
• Exceptional executive communication skills, with the ability to influence across business, technical, and regulatory stakeholders.

Preferred Qualifications:

• Experience in a converged security environment where security programs are managed in a unified governance model.
• Familiarity with AI governance, data protection strategy, or zero-trust assurance programs.
• Demonstrated success partnering with adjacent governance functions (e.g., AI, Privacy, Data Ethics) to build cohesive oversight models.
• Comfortable leading in a matrixed, global organization with cross-cultural and cross-functional stakeholders.