Director – Cybersecurity Strategy – Innovation – And Governance – Dcsig

Company: Huntington Bancshares
Location: Detroit, MI, USA; Charlotte, NC, USA; Pittsburgh, PA, USA; Columbus, OH, USA
Salary: Not Provided
Type: Full-Time
Degrees: Bachelor’s
Experience Level: Senior, Expert or higher

Requirements

  • Bachelor’s degree in a related field.
  • 10+ years of experience in Cybersecurity.
  • 5 years in Cyber Leadership roles focused on Strategy, Governance, and Innovation.
  • 5 years developing and executing large-scale Cybersecurity Programs that align with business and Risk Management objectives, ideally within financial services.
  • 5 years of experience in Cybersecurity Governance, Risk Management, Compliance, and Policy Development.

Responsibilities

  • Lead the collaborative design and execution of a comprehensive cybersecurity strategy aligned with business objectives, risk management goals, regulatory and industry guidance, and long-term growth.
  • Define the cybersecurity roadmap and maturity model, ensuring alignment with the organization’s broader business and technology strategies.
  • Continuously assess and refine the strategy to stay ahead of emerging threats, technology advancements, banking trends, business direction, and evolving regulatory requirements.
  • Oversee the development and implementation of cybersecurity governance frameworks, policies, and standards to ensure effective risk management and compliance with applicable regulations and industry standards (e.g., FFIEC, NIST, GLBA, SOX, PCI DSS, CRI, ISO 27001).
  • Develop and maintain a risk and control matrix (RCM) covering information security capabilities and activities.
  • Partner with 1LOD Risk to integrate and facilitate information security-related activities within the Risk and Control Self-Assessment (RCSA) program.
  • Conduct various self-assessments to facilitate programmatic maturity, supporting insurance and regulatory/legal requirements.
  • Facilitate and support external and oversight engagements.
  • Foster a culture of cybersecurity accountability by ensuring that governance processes are embedded into the organization’s business and technology operations.
  • Coordinate proactive identification of control gaps, and drive treatment of open issues.
  • Establish and maintain effective risk reporting mechanisms to senior management and the board of directors.
  • Identify and evaluate new technologies, methodologies, and solutions to improve the organization’s cybersecurity posture and enhance the ability to detect, prevent, and respond to threats.
  • Collaborate with technology and business teams to explore innovative ways to integrate cybersecurity practices seamlessly into existing and future products and services.
  • Foster a culture of continuous improvement by championing innovative solutions and processes that increase the efficacy of security controls, enhance overall cybersecurity resilience, and improve the user experience of internal and external cybersecurity stakeholders.
  • Evaluate the effectiveness and efficiency of current cybersecurity controls and recommend enhancements to improve the organization’s security posture.
  • Implement strategies to optimize existing security tools, processes, and teams to better align with evolving risks and business needs.
  • Measure and track key performance indicators (KPIs) and metrics to assess the success of cybersecurity initiatives and improvements.
  • Lead the Process Engineering group, responsible for process-related mapping, analytics, improvement/recommendations, performance metrics, and gearing ratios.
  • Lead a cross-functional team of cybersecurity professionals in driving strategy execution and innovation initiatives.
  • Serve as a trusted advisor to senior executives, business leaders, and stakeholders, providing expert guidance on strategic cybersecurity matters.
  • Work cross-functionally, including within Technology, Legal, Compliance, and Risk Management, to ensure cohesive and coordinated efforts in cybersecurity strategy execution.
  • Develop regular cybersecurity reports for executive leadership and risk committees, ensuring alignment and accuracy of content.
  • Translate complex cybersecurity threats and risks into clear, concise, and actionable insights for senior executives and Board members.
  • Collaborate with legal, compliance, and risk management teams to ensure cybersecurity reporting aligns with governance frameworks and regulatory requirements.
  • Develop, maintain, and enhance existing portfolio of cybersecurity metrics, focusing on business outcomes and supporting effective cyber risk management.
  • Leverage automated data collection and analytics capabilities to reduce manual processes for collection and presentation of metrics.

Preferred Qualifications

  • Strong ability to balance strategic thinking with tactical execution.
  • Collaborative mindset with the ability to work across functions and with external partners.
  • Results-driven, with a commitment to continuous improvement and innovation in cybersecurity practices.
  • Proven ability to thrive in a fast-paced, ever-changing threat landscape.
  • Excellent strategic thinking, problem-solving, and analytical skills.
  • Exceptional ability to drive clarity and build consensus.
  • Strong leadership abilities with experience managing cross-functional teams and influencing senior leadership.
  • Outstanding communication skills, including the ability to present complex concepts to non-technical stakeholders.
  • Strong knowledge of security technologies (SIEM, DLP, ZTNA, encryption, etc.) and frameworks (NIST, CRI, ISO, etc.).
  • Deep understanding of emerging cybersecurity technologies, regulations, innovation trends, and effective industry practices.