Share this Job

Director - IT Risk Management

Location: 

King Of Prussia, PA, US

Company:  AmeriGas Propane, Inc.

When you work for AmeriGas, you become a part of something BIG! Founded in 1959, AmeriGas is the nation’s premiere propane company, serving over 2 million residential, commercial, industrial and motor fuel propane customers.  Together, our 8,500 dedicated professionals will deliver 1.5 billion gallons of propane from 1,400 distribution points across the United States.

Job Summary (Purpose): 

 

The Director - IT Risk Management is responsible for managing the development and delivery of IT Security and Risk mitigation standards, best practices, architecture, and systems to insure information system security across the enterprise.  Implements processes and methods for auditing with internal and external auditors while addressing non-compliance to information security standards.  Communicates non-compliance as needed with senior management.

 

Manages and participates in the planning and implementation of security administration for all IT Projects.  Responsible for evaluation and selection of security applications and systems.  Makes recommendations and assist in the implementation of changes to work methods and procedures to make them more effective or to strengthen security measures.

 

Key Characteristics:

 

  • Thorough understanding of local and federal regulations such as Sarbanes-Oxley, Basel II, and HIPAA
  • Strong background and orientation towards cyber-security
  • Technically capable and credible – able to interact with technical teams on a routine basis and challenge them on design and implementations

 

Duties and Responsibilities:

 

  • Advises IT and business executives on the status of technology risk and compliance issues based on assessment results and information from various monitoring and control systems.
  • Monitors and analyzes technology risk trends, recommends appropriate IT policies, procedures and practices to strengthen internal operations.
  • Directs IT functional teams in the development, implementation, monitoring and reporting of control processes, documentation and compliance routines.
  • Provides oversight regarding audit, regulatory and risk management activities across IT functional areas, such as the development and maintenance of regulatory documentation (e.g., Sarbanes-Oxley Act compliance)
  • Lead strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies.
  • Responsible for policies and procedures around change management and risk management
  • Coordinates the IT component of both internal and external audits, federal and state examinations.
  • Provide strategic direction and leadership to oversee and deliver security applications and systems.
  • Participate in key planning and strategy meetings.
  • Manage the executive communications and reporting of the status of IT Risk management, including preparing and participating in board meetings if required.

 

Knowledge, Skills and Abilities:

 

  • Able to move the entire AmeriGas organization forward on managing technology related risks
  • Possesses detailed knowledge of industry regulatory environment and risk management practices, and thorough understanding of local and federal regulations such as Sarbanes-Oxley, Basel II, and HIPAA
  • Strong background and orientation towards cyber-security
  • Technically capable and credible – able to interact with technical teams on a routine basis and challenge them on design and implementations
  • Knowledge of the application security and regulatory environment in the U.S.
  • Strong leadership and communication skills especially at a technical and executive level.
  • Strong leader in talent management, with the ability to develop staff, recruit appropriate talent, and create a culture of performance.

 

Education and Experience Requirements

 

  • 10+ years of experience in IT security, frameworks, policies, standards, regulatory, audit and security risk disciplines and practices        
  • Demonstrated track record of managing software security programs at a large company
  • A bachelor's degree in information systems or equivalent work experience
  • Strong leadership and communication skills especially at an executive level
  • Experience with PCI Compliance
  • Experience with common information security management frameworks

AmeriGas is a Drug Free Workplace.  Candidates must be able to pass a pre-employment drug screen and a criminal background check.  AmeriGas is an Equal Opportunity Employer.


Nearest Major Market: Philadelphia

Job Segment: Manager, Risk Management, Law, Information Systems, Cyber Security, Management, Finance, Legal, Technology, Security