Director Enterprise Security Governance

Full Time Perm Way of Work :

Hybrid

Salary:

$155,400 - $233,100, plus equity and 25% annual bonus

Location:

Columbus, OH or Merrillville, IN

Relocation Assistance Provided

The Director of Enterprise Security Governance supports the Chief Information Security Officer (CISO) and will focus on maintaining and maturing the enterprise-wide corporate security program commensurate with NiSource's risk tolerance. In this role you will be response for leading the development and implementation of a comprehensive cybersecurity risk management program. This role involves establishing a governance framework for managing cyber risk, integrating cyber risks into the enterprise risk management strategy, and providing regular reporting to executive leadership. The Director of Enterprise Security Governance will collaborate with various teams to ensure that cybersecurity risks are effectively managed within the context of broader business risks. Overall in this role you will ensure the cybersecurity program is compliant and risk is being reduced. This leader must have proven experience in successfully implementing and maintaining a cybersecurity risk management program which includes vendor management.

Your responsibilities may include, but are not limited to:

- Develop and oversee the governance structure for integrating cyber risk into the enterprise risk management framework. Ensure that cyber risks are aligned with overall business risks and priorities.

- Lead the cybersecurity team in conducting risk assessments to identify, assess, prioritize, and mitigate potential security vulnerabilities and risks. Develop and implement structured processes to continuously monitor and manage threats to the company's assets.

- Drive the development and maintenance of cyber security policies, standards, and procedures in alignment with national frameworks, best practices, and regulatory requirements (e.g., NIST, NERC, TSA Gas) to ensure comprehensive protection exists to ensure a safe, secure, and resilient technology environment and information assets. Enforce compliance with relevant regulations and standards, including NERC, SOX, PCI DSS, and other federal and state regulations.

- Receive assessment/ audit findings, legal obligations, compliance, and regulatory requirements as input to policy development; manage remediation activities.

- Assess and enhance the control environment by identifying gaps and recommending improvements.

- Create a cybersecurity awareness culture, ensuring appropriate focus on cybersecurity initiatives, and providing executive leadership reporting to assist the CISO.

- Stay current on the latest threats and security trends to proactively address potential risks.

- Represent NiSource in, and contribute to, industry forums and regulatory engagements to enhance the cybersecurity related legal and regulatory environment.

You must possess the below minimum qualifications to be initially considered for this position. Preferred qualifications are in addition to the minimum requirements and are considered a plus factor in identifying top candidates.

Minimum Qualifications

- Bachelor's degree or relevant work experience. - 15+ years of experience in enterprise-wide cybersecurity program governance, or an equivalent combination of education and work experience - 10+ years of experience leading and working within a collaborative, cross-functional, team-based environment - 5+ years of experience implementing NIST Cybersecurity Framework (CSF) and other industry standards. - 5+ years of experience in developing, implementing, and managing cybersecurity policies, procedures, and standards

Preferred Qualifications

- CISSP Certified Information Systems Security Professional Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or relevant certification

Disclaimer

The preceding description is not designed to be a complete list of all duties and responsibilities required of the position.

#OhioMeansJobs #ColumbusOH #Columbus #OhioTech #Hybrid #NiSource #EnergyJobs #Utility #Utilities #WomenImpactTech #NICEFrameworkOGWRL002 #SecurityGovernance #NIST #Cyber #Cybersecurity #CISSP #Risk #ISC2 #RiskAssessment #NowHiring #NERC #CyberGovernance #CyberRisk #Security

As a public utility, NiSource is required to provide continuous service to customers at all times. To ensure we fulfill that obligation, employees may be required to work outside their normal work hours and perform tasks outside of their normal responsibilities in support of emergency operations. Work Authorization

Authorized to work in the United States without requiring sponsorship.

Workplace Connection

Value inclusion within your day to day responsibilities by respecting others perspectives/convictions, engaging others opinions, creating a safe environment where people, ideas, and opinions are valued within your Team/Customers and external partners.

Respect the unique lived experiences within your Team/Customers and external work partners by valuing different world views, challenges, and cultures that represents all walks of life and all backgrounds.

Treat others with respect and consideration. Actively participate in creating and contributing to a positive work environment.

Equal Employment Opportunity

NiSource is committed to providing equal employment opportunities in each of its companies to all employees and applicants for employment without regard to race, color, religion, national origin or ancestry, veteran status, disability, gender, age, marital status, sexual orientation, gender identity, sex (including pregnancy, lactation, childbirth or related medical conditions), genetic information, citizenship status, or any protected group status as defined by law. Each employee is expected to abide by this principle.

By applying, you may be considered for other job opportunities. Safety Statement

Promote a safe work environment by actively participating in all aspects of our employee safety program. Report any unsafe conditions and take actions to prevent personal injuries. Support our interdependent safety culture by ensuring the safety of your co-workers. Stay focused on the task at hand and promote productivity through good work habits.

Salary Range*:

$155,400.00 - $233,100.00

- The salary offered to a candidate is based on several factors including but not limited to the candidate’s skills, job-related knowledge, and relevant experience, as well as internal pay equity.

Posting Start Date:

2025-08-15

Posting End Date (if applicable):

2025-09-02

Please note that the job posting will close on the day before the posting end date.