Director Information Risk Program Office


Location: Riverwoods, Illinois

Job Type: Not Specified


Discover. A brighter future.

With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.

Come build your future, while being the reason millions of people find a brighter financial future with Discover.

Job Description

Provides direction and oversight of the information security program risk management activities. Drives policies and standards to mature risk management and ensure compliances with laws and regulations. Leads third-party information security risk management efforts. Identifies information security risk to the organization and provides reporting that informs business decisions. Reports status, manages issues and mitigates risks. Provides supervision to employees and manages individual/team performance and development.

  • Provide oversight and effective challenge of DFS' information security program through controls testing, program and project reviews. Build KRI, KPI and other metrics to develop cyber risk posture and inform decisions
  • Author and annual information security risk assessment report on DFS cyber risk posture. Comply with all regulatory requirements. Present results of various assessments and risks to risk committees and appropriate regulatory agencies.
  • Set policy standard and provide oversight for information security risk management. Partner with and influence business leaders and key stakeholders to mature risk management and business resiliency.
  • Partner with lines of business and corporate functions to ensure appropriate due diligence is performed to manage third party information security risk.
  • Develop and lead a high-performing, cohesive and collaborative team focused on identifying opportunities to mitigate risk and mature the information security programs, including third party information security. Attract and develop technical talent, risk professionals and leaders across the department.

Minimum Qualifications

At a minimum, here’s what we need from you:

  • Bachelor's Degree in Information security, Cybersecurity, Engineering, Risk Management, Business Administration or related field
  • 8+ years of experience in Cyber/Information security, Information Technology Security, Military, Financial Services or related field
  • 10+ years of experience leading teams and attracting/developing talent
  • In lieu of a degree, 15+years of experience Information security, Cybersecurity, Engineering, Risk Management, Business Administration or related field
  • CISSP, CISM, GSLC or CRISC certification

Preferred Qualifications

If we had our say, we’d also look for:

  • 10+ years of experience in people management
  • 15+ years of experience in Information security, Cybersecurity, Engineering, Risk Management, Business Administration or related field
  • Strong understanding or risk frameworks and risk methodologies
  • Masters Degree in Cyber/Information Security, Engineering, Risk Management, Business Administration or related field

What are you waiting for? Apply today!

The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.

You’ve got this!