Sr. Director Cyber Strategy, Operations and Business Engagement

Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability status.

EEO / AA / M / F / Disabled / Vets

Job Description :

Sr. Director Cyber Strategy, Operations and Business Engagement

As a global media and information services company, News Corp understands the importance of cybersecurity and mitigating risk across the organization.

We believe in protecting our businesses and customers and are looking to build innovative solutions that will allow us to become a global leader in cybersecurity.

If cybersecurity is your passion and you want to be part of a cutting edge team, we want to hear from you!

Sr. Director Cyber Strategy, Operations and Business Engagement will act as the lead for all the News Corp BISOs, providing leadership, support and driving excellence and standardization across the BISO functions in News Corp, helping drive cyber strategies across the organization, and ensuring BU risks and issues are understood within the cyber organization and incorporated into cyber strategies.

Combining business acumen with technical knowledge, this role assists in improving the engagement of the cyber organization across the business units.

This role is pivotal in aligning our cybersecurity initiatives with business goals, fostering strong relationships across departments, and ensuring our cybersecurity posture supports each company's strategic objectives.

The role will undertake a leadership position within the global BISO program, with a view to foster cohesion between the Central Cyber and Business Unit Strategies.

This will be delivered through tactical guidance to the BISOs and business unit leadership where required.

Key Responsibilities

• Serve as a overall leader, mentor and trusted advisor to the BISOs
• Develop and implement standard processes, templates, and materials to ensure BISOs operate, communicate and interact in a standard and repeatable manner
• Act as the main point of contact for the BISO group, providing management oversight and feedback and support performance excellence
• Develop a strategy to ensure cybersecurity practices are built into business unit initiatives
• Work closely with security leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application and infrastructure security
• Be actively informed and engaged in security projects across the business units and Global Tech
• Enforce the strong security culture set forth by the CISO, ensuring uniformity across security leadership, business units and BISOs
• In conjunction with security and business unit leaders, define (KPIs) and metrics aligning with business initiatives and deliver them to non-technical teams in terms that are accessible and comprehensible
• Work with BISOs to gain an understanding of the business units modus operandi to assist with removing complexity and obstacles that hinder efficient security controls enterprise-wide
• Stay abreast of new laws, regulations and standards, and assess their impact to the business units by working closely with the BISOs, legal and GRC

Key Duties Expanded

Strategic Alignment : Drive the integration of cybersecurity strategies with business objectives, ensuring cybersecurity considerations are embedded in all business processes and decision-making frameworks.

Examples :

• Integrated BU planning with product / cloud / enterprise security for increased efficiency with VEM, Threat modeling, Business Unit RFC's / ADRs
• This helps with tracking on VEM issues and helps cyber understand workloads of the BU / GT alongside cyber requests

Stakeholder Collaboration : Cultivate strong, collaborative relationships with business leaders, understanding their needs and challenges to effectively communicate the value and impact of cybersecurity initiatives.

Examples :

• Running Steering committees and identifying the appropriate audiences to deliver to
• Identifying relevant updates to the BU exec and providing high-level briefs for them, usually quarterly or when requested

Cybersecurity Advocacy : Act as a primary advocate for cybersecurity within the business, raising awareness and promoting a culture of security through tailored communication and engagement strategies.

Examples :

• BISO Mentorship on identifying BU key stakeholders and how to become a dependency for the business, the goal here is to create a BISO that is the 'face of cyber' and can coordinate accordingly with the relevant cyber pillars when required
• Promote the Cyber program to the business through a productive and meaningful way, for example coaching BISOs on attending staff all hands, events, volunteering to speak at internal events

Risk Management : Work closely with risk management teams to identify, assess, and prioritize cybersecurity risks, ensuring these are effectively communicated and addressed within the business context.

Examples :

• Completing BU risk assessments in a way that allows for data to be reviewed by central cyber
• Identifying common themes and solutions to assist central cyber with solving problems that may be present across multiple BUs

Program Development : Lead the development and execution of business-centric cybersecurity programs, ensuring these are designed to support business operations while mitigating cyber risks.

Examples :

• Working closely with BISOs to ensure a collaborative approach to large scale programs such as vulnerability management and crown jewel control compliance
• Ensure feedback as a collective of business units is recognised by Global Tech

Performance Metrics : Establish and monitor key performance indicators (KPIs) and metrics to measure the effectiveness of cybersecurity engagement initiatives and ensure continuous improvement.

Examples :

• Identify stories to tell through metrics, provide these metrics on a quarterly basis alongside a strategy to resolve high risks
• Identify what is important to the business such as PCI compliance, NIST etc and creating a demonstrable strategy to highlight successes

Incident Response : Coordinate with business units during cybersecurity incidents, ensuring clear communication and swift resolution while minimizing business impact.

Examples :

• Working with the BISOs to help them when engaging with cyber defense during an incident, how to inform BU stakeholders and how to provide post IR remediation action items and track them to completion
• Identifying common themes of incidents, such as DDoS, scraping, phishing etc and working with the BISO and Cyber to reduce the likelihood of repeat incidents

Training and Awareness : Develop and implement comprehensive training programs to enhance cybersecurity awareness and practices across all levels of the organization.

Examples :

Creating a strategy for safety briefings with journalist protection and the BU health and safety teams if not already implemented.

Support this with assistance from cyber defense monitoring.

Policy Development : Contribute to the creation and refinement of cybersecurity policies and procedures, ensuring they are relevant to business needs and effectively communicated across the company.

Examples :

Work with BISOs to ensure new and existing policies are adhered to and work to remove obstacles or technical challenges that prevent BUs from remaining compliant.

Innovation and Improvement : Stay abreast of the latest cybersecurity trends and technologies, identifying opportunities to enhance the company's cybersecurity posture and drive innovation.

Examples :

As Business Units continue to explore innovation with AI, Cyber must remain a key part of conversations. Replicating the success of existing governance models can expedite the BUs to innovate with new

Job Category :

Pay Range : $155,000 - $265,000

We recognize that attracting the best talent is key to our strategy and success as a company. As a result, we aim for flexibility in structuring competitive compensation offers to ensure we are able to attract the best candidates.

The quoted salary range represents our good faith estimate as to what our ideal candidates are likely to expect, and we tailor our offers within the range based on the selected candidate's experience, industry knowledge, location, technical and communication skills, and other factors that may prove relevant during the interview process.

Pay-for-performance is a key element in our strategy to attract, engage, and motivate talented people to do their best work.

Similarly to salary, for bonus eligible roles, targets are set based on a variety of factors including competitive market practice.

For benefits eligible roles, in addition to cash compensation, the company provides a comprehensive and highly competitive benefits package, with a variety of physical health, retirement and savings, caregiving, emotional wellbeing, transportation, and other benefits, including "elective" benefits employees may select to best fit the needs and personal situations of our diverse workforce.