"Alerted.org

Description

Job Summary:The Manager of Cybersecurity Strategy and Governance is responsible for supporting the execution of strategic cybersecurity initiatives, maintaining governance processes, and collaborating with Cybersecurity teams to identify improvements to enhance the organization's overall security posture. Reporting to the Director of Cybersecurity Strategy, Innovation, and Governance (DCSIG), this role acts as a key leader responsible for translating strategic direction into actionable workstreams, partnering across cybersecurity and business units to promote governance discipline, control maturity, and innovation enablement.

The ideal candidate is detail-oriented, execution-focused, and capable of managing cross-functional efforts to ensure successful delivery of cybersecurity initiatives, reporting, and process enhancements.

Key Responsibilities:

Strategic Program Execution

+ Support the collaborative design and execution of a comprehensive cybersecurity strategy aligned with business objectives, risk management goals, regulatory and industry guidance, and long-term growth.

+ Operationalize components of the cybersecurity Strategy, Governance, and Innovation roadmap in close partnership with the DCSIG and Cybersecurity Leadership team.

+ Track progress against defined maturity goals and report key milestones, risks, and dependencies to leadership.

+ Continuously assess and refine the strategy to stay ahead of emerging threats, technologic advancements, banking trends, business direction, and evolving regulatory requirements.

Cybersecurity Governance & Policy Management

+ Support the lifecycle of cybersecurity policies and standards, including drafting, reviews, socialization, and periodic updates, in alignment with applicable regulations and industry standards (e.g., FFIEC, NIST, GLBA, SOX, PCI, DSS, CRI, ISO 27001).

+ Support the implementation of governance processes to ensure alignment with regulatory requirements and internal risk frameworks.

+ Coordinate inputs to governance forums, including meeting materials, charters, and action item follow-ups.

Risk & Compliance Support

+ Maintain and update the cybersecurity risk and control matrix (RCM) to reflect current-state control environment and ownership.

+ Partner with internal stakeholders to collect and validate cybersecurity-related inputs into enterprise risk assessments, RCSAs, and self-assessments.

+ Track and support closure of cybersecurity audit issues, regulatory findings, and control remediation items.

Continuous Improvement

+ Collaborate with cyber operations, engineering, and architecture teams to pilot and integrate innovative capabilities.

+ Participate in process improvement efforts, including current state mapping, metric tracking, and performance analysis.

Cybersecurity Metrics & Reporting

+ Develop, maintain, and operationalize cybersecurity metrics and dashboards to support executive and risk committee reporting.

+ Ensure data accuracy and alignment of metrics with business outcomes and program maturity goals.

+ Help automate and streamline reporting processes, reducing manual data collection efforts.

Stakeholder Engagement & Coordination

+ Coordinate working groups, task forces, and project teams related to cybersecurity governance and strategy implementation.

+ Facilitate collaboration across Legal, Compliance, Risk, and Technology functions to ensure cohesive program execution.

+ Serve as a resource for teams seeking clarification or support related to cybersecurity policies, controls, or governance processes.

Basic Qualifications:

+ Bachelor’s degree in Cybersecurity, Risk Management, Information Systems, or a related field.

+ 5+ years of experience in cybersecurity, risk, compliance, or governance functions.

+ 3 years experience utilizing cybersecurity frameworks (e.g., NIST CSF, FFIEC CAT, ISO 27001, CRI).

+ 3 years experience with regulatory and risk management practices, particularly in financial services or regulated industries.

Preferred Qualifications:

+ Proven experience managing cross-functional projects and delivering results in matrixed environments.

+ Strong communication and interpersonal skills, with the ability to translate technical concepts into business terms.

+ Proficiency in GRC platforms, data visualization tools, and metrics reporting.

+ Detail-oriented with strong organizational and execution skills.

+ Ability to thrive in a fast-paced environment with shifting priorities and multiple workstreams.

#Hybrid

#LI-SG1

#LI-BM1

Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay)

Yes

Workplace Type:

Office

Our Approach to Office Workplace Type

Certain positions outside our branch network may be eligible for a flexible work arrangement. We’re combining the best of both worlds: in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team.

Huntington is an Equal Opportunity Employer.

Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details.

Note to Agency Recruiters: Huntington Bank will not pay a fee for any placement resulting from the receipt of an unsolicited resume. All unsolicited resumes sent to any Huntington Bank colleagues, directly or indirectly, will be considered Huntington Bank property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration.