Sr. Manager of Cybersecurity Governance, Risk Mgmt & Compliance
United Rentals Life, Stamford, CT, United States
Great company. Great people. Great opportunities. Build your future with United Rentals, a leading equipment rental provider.
The Sr. Manager of Cybersecurity GRC (Governance, Risk Management & Compliance) leads the firm's GRC and data privacy strategy, owns the multi‑year roadmap, manages the cybersecurity budget, and serves as the primary liaison to executive leadership and the Board.
Key Responsibilities Policy, Procedure, and Standards Governance
Lead the development, maintenance, and enforcement of a comprehensive cybersecurity policy framework aligned to ISO, NIST, and company values.
Translate complex regulatory requirements into actionable, auditable operating procedures.
Serve as the organizational Center of Excellence for security standards, proactively updating them in anticipation of emerging mandates and industry trends.
Strategic Planning & Budgeting
Own the multi‑year cybersecurity roadmap and align investments to enterprise strategy.
Manage the cybersecurity budget, optimizing security to value across talent, tooling, and third‑party services.
Compliance & Data Privacy
Direct implementation and continuous review of global and sectoral mandates (GDPR, PCI DSS, DFARS/CMMC, CCPA/CPRA, SOX).
Engage with external vendors and auditors on cybersecurity oversight and assurance.
Risk Management & Reporting
Convert technical risks into quantified business impacts to inform prioritization and investment.
Maintain the Enterprise Cyber Risk Register and integrate it with the broader ERM framework.
Establish and report KRIs & KPIs to the Board and Executive Leadership.
Third‑Party & Vendor Risk Management (TPRM)
Manage the end‑to‑end lifecycle of vendor security from due diligence to continuous monitoring.
Partner with Legal and Procurement to ensure robust security and privacy terms in third‑party agreements.
Adversarial Readiness & Incident Response
Lead red team, penetration testing, and cyber maturity assessment programs.
Serve as a key member of the incident response command structure with emphasis on regulatory and crisis workstreams during a breach.
Security Culture & Awareness
Design and deliver high‑impact training that builds true security ownership.
Run advanced phishing and social engineering simulations.
Promote a culture of cyber awareness and compliance.
Data Privacy & DLP
Define the enterprise strategy for data classification, tagging, tracking, and handling.
People Leadership & Organizational Development
Direct, mentor, and develop teams; establish goals, performance expectations, and development plans.
Foster a culture of collaboration, accountability, and continuous improvement.
Other duties as assigned.
Requirements
Education/Certifications: CRISC, CGEIT, CISM, or CISA required. CISSP preferred.
10+ years in Cybersecurity, with at least 5 years in a leadership role managing complex GRC functions.
Deep familiarity with NIST Cybersecurity Framework, ISO 27001, and international data transfer legal nuances.
Experience with GDPR, CMMC readiness, DFARS compliance, and incident reporting protocols.
Office environment; hybrid (sitting at a desk at a computer).
Occasional travel.
Respond to incidents in off‑hours.
Candidate will be hired as a Senior Manager or Manager depending on experience.
Benefits
Paid Parental Leave.
United Compassion Fund.
Employee Discount Program.
Career Development & Promotional Opportunities.
Additional Vacation Buy‑Up Program (US Only).
Early Wage Access through PayActiv (US Hourly Only).
Paid Sick Leave.
Inclusive and welcoming culture.
United Rentals, Inc. is an Equal Opportunity Employer and makes employment decisions regardless of race, color, religion, sex, national origin, age, genetic information, citizenship status, veteran status, sexual orientation, gender identity, disability, or any other status protected by law. If you need a reasonable accommodation at any point of the application process, please email careers@ur.com for assistance.
At United Rentals, we proudly hire active duty members, veterans, reservists, and their families. The values that define your service—leadership, discipline, integrity, and teamwork—are the same values that drive our success.
United Rentals consists of a wide variety of roles with different duties and responsibilities. The actual pay rate offered to candidates varies depending on a wide range of factors including specific position, location, education, training, experience, skills, and ability.
#J-18808-Ljbffr
The Sr. Manager of Cybersecurity GRC (Governance, Risk Management & Compliance) leads the firm's GRC and data privacy strategy, owns the multi‑year roadmap, manages the cybersecurity budget, and serves as the primary liaison to executive leadership and the Board.
Key Responsibilities Policy, Procedure, and Standards Governance
Lead the development, maintenance, and enforcement of a comprehensive cybersecurity policy framework aligned to ISO, NIST, and company values.
Translate complex regulatory requirements into actionable, auditable operating procedures.
Serve as the organizational Center of Excellence for security standards, proactively updating them in anticipation of emerging mandates and industry trends.
Strategic Planning & Budgeting
Own the multi‑year cybersecurity roadmap and align investments to enterprise strategy.
Manage the cybersecurity budget, optimizing security to value across talent, tooling, and third‑party services.
Compliance & Data Privacy
Direct implementation and continuous review of global and sectoral mandates (GDPR, PCI DSS, DFARS/CMMC, CCPA/CPRA, SOX).
Engage with external vendors and auditors on cybersecurity oversight and assurance.
Risk Management & Reporting
Convert technical risks into quantified business impacts to inform prioritization and investment.
Maintain the Enterprise Cyber Risk Register and integrate it with the broader ERM framework.
Establish and report KRIs & KPIs to the Board and Executive Leadership.
Third‑Party & Vendor Risk Management (TPRM)
Manage the end‑to‑end lifecycle of vendor security from due diligence to continuous monitoring.
Partner with Legal and Procurement to ensure robust security and privacy terms in third‑party agreements.
Adversarial Readiness & Incident Response
Lead red team, penetration testing, and cyber maturity assessment programs.
Serve as a key member of the incident response command structure with emphasis on regulatory and crisis workstreams during a breach.
Security Culture & Awareness
Design and deliver high‑impact training that builds true security ownership.
Run advanced phishing and social engineering simulations.
Promote a culture of cyber awareness and compliance.
Data Privacy & DLP
Define the enterprise strategy for data classification, tagging, tracking, and handling.
People Leadership & Organizational Development
Direct, mentor, and develop teams; establish goals, performance expectations, and development plans.
Foster a culture of collaboration, accountability, and continuous improvement.
Other duties as assigned.
Requirements
Education/Certifications: CRISC, CGEIT, CISM, or CISA required. CISSP preferred.
10+ years in Cybersecurity, with at least 5 years in a leadership role managing complex GRC functions.
Deep familiarity with NIST Cybersecurity Framework, ISO 27001, and international data transfer legal nuances.
Experience with GDPR, CMMC readiness, DFARS compliance, and incident reporting protocols.
Office environment; hybrid (sitting at a desk at a computer).
Occasional travel.
Respond to incidents in off‑hours.
Candidate will be hired as a Senior Manager or Manager depending on experience.
Benefits
Paid Parental Leave.
United Compassion Fund.
Employee Discount Program.
Career Development & Promotional Opportunities.
Additional Vacation Buy‑Up Program (US Only).
Early Wage Access through PayActiv (US Hourly Only).
Paid Sick Leave.
Inclusive and welcoming culture.
United Rentals, Inc. is an Equal Opportunity Employer and makes employment decisions regardless of race, color, religion, sex, national origin, age, genetic information, citizenship status, veteran status, sexual orientation, gender identity, disability, or any other status protected by law. If you need a reasonable accommodation at any point of the application process, please email careers@ur.com for assistance.
At United Rentals, we proudly hire active duty members, veterans, reservists, and their families. The values that define your service—leadership, discipline, integrity, and teamwork—are the same values that drive our success.
United Rentals consists of a wide variety of roles with different duties and responsibilities. The actual pay rate offered to candidates varies depending on a wide range of factors including specific position, location, education, training, experience, skills, and ability.
#J-18808-Ljbffr