Cybersecurity Risk and Controls Framework Expert, Hewlett Packard Enterprise

Hewlett Packard Enterprise

Location:
United States, Spring

Category:
IT - Administration

Contract Type:
Employment contract

Salary:

105500.00 - 243000.00 USD / Year

Save Job

Apply Position

Job Description:

Cybersecurity Risk and Controls Framework Expert to analyse the regulatory compliance, business and operational risk requirements related to cybersecurity and develop a framework against which control requirements can be defined and applied. This will include analyzing the inventory of cyber policies and standards and validating them against the risk and controls framework as well as against the threat landscape. This role will also be responsible for driving enterprise risk reporting and creating the right awareness and visibility for executive decision making.

Job Responsibility:

Support Governance, Risk and Compliance (GRC) leadership in delivering various risk overview summaries
Contribute to the development of the Cyber risk governance framework
Facilitating a gap analysis of the current processes against the Risk management framework
Provide subject matter expertise on the control framework, policies, standards and guidelines
Analyse the current suite of controls against the control framework
Ensure that changes to risk governance frameworks are effectively communicated
Work with regional representatives to coordinate the scanning for regulatory changes related to cybersecurity
Provide expert opinion on HPE's risk and effectiveness of our policies and standards
Support the handling of questions pertaining to cyber policies and standards from regulators, partners and customers
Deliver presentations and updates to key business and technology stakeholders
Provide timely insight to business and technology partners on risk and controls

Requirements:

Bachelor's degree in Information Security, Information Technology, Risk Management or a related field, or equivalent experience
CISSP, CRISC, or similar certification
5-7 years of experience in Information Security, IT Governance, and/or Risk Management
5+ years of experience working with various industry standards and frameworks on risks and controls (e.g. ISO 27001, NIST CSF, COBIT)
Expert in a broad range of Information Security domains (e.g., Application Security, Cloud Security, Network Security, Data Security, Infrastructure Security)
Strong understanding of cybersecurity control frameworks (e.g., NIST CSF, ISO 27001)
Proven experience in risk assessments and analysis
Proven experience in defining and implementing cybersecurity policies, standards and guidelines across multiple platforms
Strong organizational skills and attention to detail
Ability to work effectively with technical and non-technical stakeholders
Excellent documentation, communication, and problem-solving skills

What we offer:

Health & Wellbeing benefits
Personal & Professional Development programs
Unconditional Inclusion environment
Comprehensive suite of benefits supporting physical, financial and emotional wellbeing

Additional Information:

Job Posted:
November 14, 2025

Employment Type:

Fulltime

Work Type:

Hybrid work

View All Jobs In This Company

Job Link Share:

Cybersecurity Risk and Controls Framework Expert