A Day in the Life
We are seeking a highly skilled and experienced Senior Cybersecurity Specialist to drive special projects and programmatic initiatives aimed at enhancing the organization's cybersecurity posture. The successful candidate will work closely with senior leadership, cross-functional teams, and external stakeholders to deliver strategic solutions, optimize processes, and ensure robust security measures are in place to protect the organization's digital assets.
As a Senior Cybersecurity Specialist, you will play a key role in bridging the gap between technical and business requirements, helping to define and implement initiatives that align with both business objectives and cybersecurity best practices. You will be responsible for assessing the current security landscape, identifying areas for improvement, and managing the delivery of high-impact cybersecurity projects.
Responsibilities may include the following and other duties may be assigned.
- Compliance Management: Lead and manage cybersecurity compliance efforts, ensuring adherence to relevant global standards, including ISO 27001, NIST, GDPR, SOC 2, PCI DSS, etc.
- Compliance Analysis: Work closely with stakeholders across IT, cybersecurity, and business units to ensure compliance against security controls and policy and standards defined as a part of the governance documentation. Provide guidance/recommendations to stakeholders on how to correct non-compliance issues.
- Policy Development & Enforcement: Implement and enforce cybersecurity policies and procedures to ensure regulatory compliance, industry best practices, and organizational security requirements.
- Risk Management: Conduct compliance assessments and/or valuation audits to identify compliance gaps, vulnerabilities, and opportunities for improvement. Collaborate with internal stakeholders to remediate identified issues and mitigate potential risks. Work cross-functionally with IT, legal, risk management, and business teams to ensure compliance initiatives are embedded within all key business processes and technology implementations.
- Audit & Reporting: Oversee and manage internal and external cybersecurity compliance. Provide regular compliance reports to senior leadership, outlining the organization's compliance status, risks, and mitigation strategies.
- Metrics & Reporting: Define and track key compliance performance indicators (KPIs) for program success. Provide regular updates and reports on cybersecurity project performance, outcomes, and opportunities for continuous improvement.
- Governance, Risk & Compliance (GRC) Expertise: Demonstrated expertise in GRC frameworks and processes, including system selection, system administration, and supporting core GRC functions. Act as technical system administrator for GRC specific technology.
- Collaboration & Cross-Functional Coordination: Work in tandem with IT, security operations, compliance, legal, and other GCISO and Medtronic departments to ensure seamless compliant execution of projects, adherence to industry standards, and alignment with organizational priorities.
- Continuous Improvement: Stay abreast of emerging cybersecurity threats, regulatory changes, trends, and technologies to proactively incorporate new best practices and solutions into the organization's cybersecurity strategy. Provide guidance on how new regulations or industry standards impact the organization's compliance posture.
- Continuous Improvement: Drive continuous improvement initiatives for compliance processes, leveraging automation and best practices to increase efficiency, reduce costs, and improve security posture.
MUST HAVE (Minimum Qualifications)
SENIOR LEVEL:
- Requires a Baccalaureate degree in Information Technology, Cybersecurity, Business Administration, or a related field. (or for degrees earned outside of the United States, a degree which satisfies the requirements of 8 C.F.R. 214.2(h)(4)(iii)(A) and
- Minimum of 5 years of relevant experience, or
NICE TO HAVE (Preferred Qualifications)
- Education: Advanced degree or certifications (e.g., CISSP, CISM, CISA, PMP, ISO27001 Auditor) preferred.
Experience:
- 7+ years of experience in cybersecurity compliance (Governance, Risk & Compliance)
- Proven track record of successfully delivering complex cybersecurity initiatives and special projects.
- Strong understanding of cybersecurity frameworks, risk management, and industry best practices (e.g., NIST, ISO 27001, GDPR, etc.).
Skills & Competencies:
- Strong analytical and problem-solving skills with the ability to assess business needs and translate them into actionable cybersecurity solutions.
- Excellent communication and interpersonal skills, with the ability to interact effectively with both technical and non-technical stakeholders.
- Ability to manage multiple projects or program initiatives concurrently while maintaining high standards of quality and attention to detail.
Technical Knowledge:
- Familiarity with security technologies, incident management systems, and tools.
- Understanding of IT infrastructure, networks, cloud environments, and cybersecurity protocols.