Skip to main content
TryApplyNow logo
Asurion logo

Senior Director, Cyber Risk and Trust

Asurion
Full Timesenior
Sterling - Pacific BoulevardPosted 18 days ago

Role Overview

Asurion is hiring a Senior Director, Cyber Risk and Trust. This is a full-time role in Sterling - Pacific Boulevard. posted 2 weeks ago. Full responsibilities, required qualifications, and the apply link are listed in the description below.

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

HITRUSTORRisk ManagementProcurementOnboardingOffboardingComplianceGDPR

Job description

Position Overview

Asurion is seeking a Sr. Director, Cyber Risk and Trust, to lead the enterprise function responsible for strengthening customer trust, governing cybersecurity risk, enabling regulatory and framework alignment, and advancing a security-aware culture. Reporting to the Chief Information Security Officer, this leader will own and mature programs spanning customer audit and compliance, cyber risk management, policy and standards governance, control framework alignment, third-party cyber risk, and cyber awareness and culture.

The ideal candidate is a strategic, business-oriented cybersecurity leader who translates complex security, compliance, and regulatory requirements into clear decisions, scalable governance processes, measurable risk reduction, and stronger customer confidence. This leadership role requires executive presence, deep cybersecurity governance expertise, and the ability to influence senior stakeholders while coaching a high-performing team.

Key Responsibilities

  • Define and execute the Cyber Risk and Trust strategy, operating model, roadmap, and metrics, delivering an enterprise-wide approach to governance, risk, compliance, assurance, and trust enablement.
  • Partner with security, technology, legal, privacy, procurement, internal audit, product, sales, and business leaders to prioritize and remediate cyber risk, and to align security with business objectives.
  • Develop executive reporting that communicates risk posture, control maturity, audit readiness, policy compliance, third-party exposure, customer assurance activity, awareness effectiveness, and progress against objectives.
  • Own the customer-facing trust and assurance program, including audits, security questionnaires, evidence requests, and attestations; standardize evidence, reduce cycle time, and maintain a customer-ready trust repository.
  • Lead the enterprise cyber risk management program, including methodologies, assessments, quantification, treatment, exception management, and a maintained risk register with clear ownership and remediation tracking.
  • Establish and govern cybersecurity policies and standards; run approval forums, manage exceptions, and ensure requirements are enforceable, measurable, and mapped to business needs and control owners.
  • Drive regulatory and framework alignment across NIST, ISO, SOC 2, CIS Controls, PCI DSS as applicable, and international models (UK, Germany, Japan, Korea, Singapore, Latin America); lead mappings, gap analyses, and remediation plans.
  • Lead third-party cyber risk management across inherent risk tiering, due diligence, validation, monitoring, issue tracking, and reporting; embed requirements into sourcing, contracting, onboarding, and offboarding.
  • Build a modern, behavior-focused cyber awareness and culture program with role-based training, campaigns, and simulations; measure impact through behavior and incident metrics.
  • Recruit, develop, and lead a high-performing team across assurance, risk, governance, third-party risk, and awareness; establish operating rhythms, SLAs, intake, prioritization, and quality standards.
  • Represent the function in executive forums, customer meetings, and governance committees; translate technical issues into business impact and decision-ready recommendations; serve as a senior escalation point.

Education and Experience

  • Masters degree or higher in cybersecurity, information systems, computer science, risk management, business, or related field, or equivalent practical experience preferred.
  • 15+ years of progressive experience in cybersecurity, technology risk, GRC, security assurance, audit, third-party risk, or related disciplines.
  • 12+ years leading teams, managers, or cross-functional cybersecurity programs in complex enterprise environments.
  • Demonstrated leadership in cybersecurity governance, risk management, compliance, customer assurance, policy and standards, third-party risk, and security awareness programs.
  • Deep knowledge of NIST CSF, NIST SP 800-series, ISO/IEC 27001/27002, SOC 2 Trust Services Criteria, and CIS Controls.
  • Strong working knowledge of international frameworks and expectations in the UK, Germany, Japan, Korea, Singapore, and Latin America.
  • Experience leading customer audits, security questionnaires, contractual security reviews, and external assurance activities with standardized evidence management.
  • Experience developing and operationalizing cybersecurity policies, standards, and procedures; conducting control maturity assessments and framework mappings.
  • Experience building and operating third-party cyber risk management programs with risk-based assessments and ongoing monitoring.
  • Proven ability to communicate cyber risk to executive, technical, legal, commercial, and customer audiences, balancing risk reduction with business velocity.
  • Preferred: Master’s degree in a relevant field; certifications such as CISSP, CISM, CRISC, CISA, ISO/IEC 27001 Lead Implementer or Lead Auditor, CGEIT, CCSP, CIPM, CIPT, CDPSE.
  • Preferred: Experience in large global enterprises; board and ERM reporting; GRC and TPRM platforms; trust centers and questionnaire automation; privacy regimes (GDPR, CCPA/CPRA, LGPD, PIPA, APPI, PDPA); and assurance programs (ISO/IEC 27001, SOC 2, PCI DSS, HITRUST, CSA STAR).

Knowledge, Skills, and Abilities

  • Executive presence with the ability to influence senior stakeholders and represent cybersecurity to customers and internal leadership.
  • Strong risk judgment and pragmatic decision-making that balances regulatory obligations, customer commitments, and operational feasibility.
  • Expertise in policy and standards governance, control design, audit readiness, and evidence management.
  • Ability to build scalable governance processes, metrics, KRIs, and clear reporting for executives and boards.
  • Deep understanding of third-party risk, contractual security terms, right-to-audit provisions, and ongoing monitoring practices.
  • Skilled in change leadership, process improvement, and cultivating a positive, accountable security culture.
  • Outstanding written and verbal communication; simplifies complex technical and regulatory topics for diverse audiences.
  • People leadership that develops talent, sets clear expectations, and builds high-performing, customer-oriented teams.

Travel Requirements

N/A

Physical Demands

  • Stationary Position: Frequently
  • Vision: 20/20 corrected vision
  • Hearing: Receive detailed information if spoken to

About Asurion

Asurion logo

Asurion

asurion.com

On-site

172 other open roles at Asurion on TryApplyNow.

Frequently Asked Questions

How do I apply for the Senior Director, Cyber Risk and Trust position at Asurion?

Use the Apply button above to submit your application directly to Asurion. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.

Where is the Senior Director, Cyber Risk and Trust position at Asurion located?

This position is based in Sterling - Pacific Boulevard. Asurion has not indicated remote or hybrid options for this role, so candidates should plan for on-site work.

What does a Senior Director, Cyber Risk and Trust at Asurion earn?

Asurion has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.

When was the Senior Director, Cyber Risk and Trust role at Asurion posted?

This role was posted on June 30, 2026 (18 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.

How much experience does the Senior Director, Cyber Risk and Trust role at Asurion require?

This is a senior-level position. Most senior roles call for 5+ years of directly relevant experience. Asurion lists their specific requirements in the description below, so review the must-have qualifications closely before applying.

AI-powered job search

Get every job scored to your resume

Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.

Get started free

No credit card to start