The AVP, Cyber Risk & Risk Solutions, is a senior leadership role responsible for overseeing the organization’s cybersecurity risk management, regulatory compliance, and data protection initiatives. This role involves managing advanced cyber risk solutions, ensuring compliance with state and federal laws, and leading the organization’s response to audits, investigations, and regulatory inquiries. The successful candidate will serve as the subject matter expert on data privacy and cybersecurity compliance, driving enterprise-level strategies to mitigate risks and maintain a robust security posture.
Key Accountabilities/Deliverables:
Lead the evaluation and implementation of cyber risk solutions, including BitSight for third-party trust assessments.
Oversee the management and continuous monitoring of Microsoft Purview DLP, eDiscovery, and other data protection tools to safeguard sensitive information.
Coordinate with internal and external teams to conduct penetration testing, identify vulnerabilities, and remediate risks.
Develop and manage cyber threat hunting programs and ensure timely reporting and investigation of security incidents.
Ensure compliance with applicable laws and regulations, including NYDFS, HIPAA, Delaware Data Security Act, and privacy laws across all 50 states.
Lead the organization’s efforts to comply with data privacy and cybersecurity frameworks (e.g., GDPR, CCPA, and other emerging regulations).
Manage all interactions with auditors and regulators, ensuring timely submission of reports and remediation plans.
Oversee preparation for cyber incident reporting, aligning with legal and regulatory requirements.
Serve as the primary point of contact for internal and external audits related to cybersecurity and data privacy.
Lead investigations into cybersecurity breaches, ensuring thorough documentation and corrective actions.
Provide clear, actionable reports on findings from audits, investigations, and threat assessments to senior leadership and the board of directors.
Collaborate with cross-functional teams, including IT, legal, compliance, and operations, to align cybersecurity strategies with business objectives.
Mentor and guide the cybersecurity compliance team to achieve operational excellence.
Develop and deliver training programs to enhance organizational awareness of cybersecurity and compliance responsibilities.
Develop and implement a strategic roadmap for cyber risk and compliance initiatives.
Provide regular updates and reports to the executive leadership team on the status of cybersecurity risks and compliance efforts.
Technical Knowledge and Understanding:
Strong understanding of data privacy frameworks, cybersecurity best practices, and threat management strategies.
Exceptional leadership and team-building capabilities.
Excellent written and verbal communication skills, with the ability to present complex information to technical and non-technical stakeholders.
High level of integrity, discretion, and the ability to handle sensitive information with confidentiality.
Experience:
Bachelor’s degree required.
Proven expertise in managing cybersecurity compliance programs, including NYDFS, HIPAA, and multi-state data privacy laws.
Hands-on experience with tools like BitSight, Microsoft Purview, and advanced threat detection platforms.
Demonstrated experience in regulatory audits, incident investigations, and legal compliance reporting.
The expected pay range for the role is $150,000 - $180,000. The specific offer will depend on an applicant’s skills and experiences. The disclosed pay range estimate may also be adjusted for the applicable geographic differential for the location in which the position is filled.
Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment visa for this position.
#LI-Remote
At Core Specialty, you will receive a competitive salary and opportunities for professional development and advancement. We offer medical, dental, vision, and life insurance; short- and long-term disability; a 401(k) plan with a Company match of 100% of a 6% contribution; an Employee Assistance Plan; a Health Savings Account, Flexible Spending Account, and Health Reimbursement Account; and a wellness program.