Director of Security Risk and Cybersecurity Compliance

Progressive Leasing is a leading provider of in-store and e-commerce lease-to-own solutions. As an almost 20+ year old FinTech company that has gone from start-up to industry leader, we know how to innovate, simplify, and value all people.

We are a company founded on our grit and we are constantly looking to the future. As an ever-evolving group of entrepreneurs and technologists, we strive to do the right thing period in all aspects of our work.

We are a subsidiary of PROG Holdings (NYSE : PRG), an exciting FinTech holding company, with three business segments including Progressive, Vive Financial, and Four, a Buy Now Pay Later (BNPL) platform.

Progressive Leasing is a leading provider of in-store and e-commerce lease-to-own solutions. As an almost 20+ year old FinTech company that has gone from start-up to industry leader, we know how to innovate, simplify, and value all people.

We are a company founded on our grit and we are constantly looking to the future. As an ever-evolving group of entrepreneurs and technologists, we strive to do the right thing period in all aspects of our work.

We are a subsidiary of PROG Holdings (NYSE : PRG), an exciting FinTech holding company, with three business segments including Progressive, Vive Financial , and Four , a Buy Now Pay Later (BNPL) platform.

We are currently hiring a Director of Security Risk and Cybersecurity Compliance to join our exciting Information Security Team and help Progressive Leasing grow!

This role is a work from home position and can be performed remotely anywhere in the continental US or in our corporate office in Utah.

WE ARE : A team of Information Security professionals with a sharp focus on security and reliability. As a leading SaaS fintech company, we are dedicated to safeguarding our clients' data with the most advanced information security practices in the industry.

Joining our InfoSec team means you'll be at the forefront of defending against cyber threats, leveraging cutting-edge technologies, and contributing to a culture that values innovation and excellence in every aspect of security.

Your work here will not only protect our systems but also shape the future of financial security.

YOU ARE : As the Director of Security Risk and Cybersecurity Compliance, you are a seasoned professional with extensive experience in cybersecurity, risk management, and regulatory cybersecurity compliance.

You possess a deep understanding of industry best practices, legal requirements, and emerging threats in the cybersecurity landscape.

You are a strategic thinker with exceptional leadership skills, capable of guiding and directing teams to ensure the security and cyber security compliance posture of the organization.

Your day-to-day :

• Strategic Planning : Develop and implement comprehensive security risk management strategies aligned with the organization's objectives and industry standards.
• Cybersecurity Compliance Oversight : Oversee all aspects of cybersecurity compliance. Collaborate with Legal and Compliance Departments in implementing cybersecurity controls related to Privacy.

Have familiarity with GDPR, HIPAA, PCI DSS, SOX, etc., ensuring adherence to relevant standards, laws, and regulations.

• Risk Assessment : Conduct regular risk assessments to identify potential security threats and vulnerabilities and develop mitigation strategies to address them.
• Policy Development : Develop, review, and update security policies, procedures, and guidelines to ensure they reflect current best practices and cybersecurity compliance requirements.
• Security Incident Response : Lead the incident response team in promptly responding to and mitigating security incidents, including conducting post-incident reviews and implementing corrective actions.
• Vendor Management : Evaluate and manage third-party vendors and service providers to ensure they meet security and cybersecurity compliance requirements.
• Security Awareness : Promote a culture of security awareness and cybersecurity compliance throughout the organization through training programs, workshops, and communication campaigns.
• Collaboration : Collaborate with cross-functional teams, including IT, legal, finance, and operations, to integrate security and cybersecurity compliance considerations into business processes and decision-making.
• Reporting : Prepare and present regular reports to executive leadership and relevant stakeholders on the organization's security and cybersecurity compliance posture, including key metrics, findings, and recommendations.
• Continuous Improvement : Stay abreast of industry trends and emerging threats to continuously improve the organization's security and cybersecurity compliance programs.

You will bring :

• Experience : Proven experience in cybersecurity, risk management, and cybersecurity compliance, preferably in a leadership role.
• Expertise : In-depth knowledge of security frameworks, standards, and requirements (e.g., NIST, ISO 27001, GDPR, HIPAA, etc.).
• Leadership Skills : Strong leadership and managerial skills with the ability to inspire, motivate, and mentor teams.
• Analytical Thinking : Excellent analytical and problem-solving skills with the ability to assess complex situations and make sound decisions.
• Communication : Exceptional communication and interpersonal skills with the ability to effectively interact with stakeholders at all levels of the organization.
• Adaptability : Flexibility and adaptability to navigate a fast-paced and constantly evolving cybersecurity landscape.
• Certifications : Relevant certifications such as CISSP, CISM, CRISC, or similar are highly desirable.

Join our team and play a pivotal role in safeguarding our organization's assets, reputation, and success through effective security risk management and cybersecurity compliance practices.

Progressive Leasing welcomes and encourages diversity in the workplace. We do not discriminate in any aspect of employment on the basis of race, color, religion, national origin, ancestry, gender, sexual orientation, gender identity and / or expression, age, veteran status, disability, or any other characteristic protected by federal, state, or local employment discrimination laws where Progressive Leasing does business.