Principal, Cybersecurity Eng 1

Other Jobs To Apply

No other job posts for this day.

<p>DIRECTV is seeking a seasoned cybersecurity leader to serve as Principal, Cybersecurity Engineering with a focus on Governance, Risk, and Compliance. This is a high-impact role responsible for shaping and sustaining DIRECTV's cybersecurity posture across multiple critical domains. The ideal candidate will lead the development and enforcement of security policies, manage third-party vendor risk, drive security awareness initiatives, and provide GRC expertise in support of mergers and acquisitions activity.</p><p></p><p>This role operates with a high degree of autonomy and serves as an escalation point and subject matter authority for complex GRC matters. The successful candidate will work cross-functionally with Legal, Procurement, HR, and executive leadership, including the CSO organization, while also mentoring junior cybersecurity team members and driving program maturity across the enterprise.</p><p></p><p><b>Here’s what you’ll do:</b></p><p><b>Governance, Risk, and Compliance Program Leadership</b></p><ul><li>Adapts and maintains DIRECTV security guidance, policies, and standards based on the NIST Cybersecurity Framework (CSF), ensuring alignment with DIRECTV's Official Security Standard (DOSS) and evolving regulatory and threat landscapes.</li><li>Supports the implementation and ongoing oversight of GRC mechanisms including monitoring of control effectiveness, compliance reporting, and audit preparation activities.</li><li>Contributes to the DIRECTV Security Governance Committee processes by providing GRC subject matter expertise and policy recommendations.</li><li>Develops and maintains documentation supporting accurate regulatory compliance reporting and internal audit readiness.</li></ul><p></p><p><b>Supplier Information Security Management</b></p><ul><li>Develops, maintains, and enforces Supplier Information Security Requirements (SISR) to ensure third-party vendors and partners meet DIRECTV's security standards.</li><li>Manages ongoing supplier security relationships, including conducting security assessments, tracking remediation activities, and escalating risk findings to appropriate stakeholders.</li><li>Collaborates with Procurement, Legal, and business teams to embed security requirements into vendor contracts and onboarding processes.</li></ul><p></p><p><b>Security Awareness and Phishing Simulation Program</b></p><ul><li>Designs, executes, and evaluates phishing simulation campaigns using Proofpoint and related security awareness platforms in alignment with DOSS requirements (GV-SAT-8).</li><li>Analyzes simulation results and awareness assessment data to identify organizational risk trends and recommend targeted training interventions.</li><li>Coordinates with HR and business units to ensure security awareness training is current, relevant, and completed by all required personnel (GV-SAT-2, GV-SAT-6).</li><li>Develops communication strategies to promote security awareness across DIRECTV stakeholder groups (GV-SAT-7).</li></ul><p></p><p><b>Mergers and Acquisitions Security Support</b></p><ul><li>Provides cybersecurity GRC support for M&A activities, including pre-acquisition security due diligence, risk assessments, and post-merger security integration planning.</li><li>Identifies and communicates security risks associated with target organizations and recommends risk mitigation strategies to leadership.</li><li>Collaborates with cross-functional M&A teams to ensure security requirements are incorporated into integration roadmaps and timelines.</li></ul><p></p><p><b>Security Project Engagement Leadership</b></p><ul><li>Leads security project engagements from initiation through completion, coordinating with technical teams, business stakeholders, and external partners.</li><li>Develops project plans, tracks milestones, manages risks, and communicates status to senior leadership including the CSO organization.</li><li>Provides expert guidance and mentoring to less experienced cybersecurity team members on GRC practices, project execution, and security standards.</li><li>Serves as an escalation point for complex GRC-related security issues requiring senior expertise and decision-making authority.</li></ul><p></p><p><b>What you’ll need to be successful:</b></p><p><b>Experience and Education</b></p><ul><li>3 – 5 years of progressive experience in cybersecurity with a strong concentration in GRC.</li><li>Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field preferred; advanced degree a plus.</li><li>Demonstrated experience leading enterprise-level GRC programs in a complex, matrixed organization.</li></ul><p></p><p><b>Frameworks and Regulatory Knowledge</b></p><ul><li>Deep working knowledge of the NIST Cybersecurity Framework (CSF).</li><li>Familiarity with regulatory compliance requirements relevant to the media and telecommunications industry.</li><li>Experience developing and maintaining security policies, standards, and control documentation.</li></ul><p></p><p><b>Third-Party and Vendor Risk Management</b></p><ul><li>Proven track record managing supplier information security programs, including assessments, remediation tracking, and contract-level security requirements.</li><li>Experience collaborating with Procurement and Legal teams to embed security into vendor lifecycle processes.</li></ul><p></p><p><b>Security Awareness</b></p><ul><li>Hands-on experience designing and managing phishing simulation programs, preferably using Proofpoint.</li><li>Ability to analyze awareness program data and translate findings into targeted training strategies.</li><li>Experience coordinating enterprise-wide security awareness campaigns across diverse stakeholder groups.</li></ul><p></p><p><b>Mergers and Acquisitions</b></p><ul><li>Prior involvement in M&A cybersecurity due diligence, risk assessments, and post-merger integration planning is strongly preferred.</li></ul><p></p><p><b>Project and Program Leadership</b></p><ul><li>Demonstrated ability to lead security projects from initiation through completion, managing timelines, risks, and executive-level communications.</li><li>Experience mentoring and developing cybersecurity professionals.</li></ul><p></p><p><b>Certifications (Preferred)</b></p><ul><li>CISSP, CISM, CRISC, or equivalent industry-recognized certification</li></ul><p></p><p>May require a background check due to job duties requiring routine access to DIRECTV and DIRECTV customer’s proprietary data. Qualified applicants with arrest and conviction will be considered for employment in accordance with local ordinances and state law.</p><p></p><p><b>This is a remote position that can be located anywhere in the contiguous United States. #LI-Remote</b></p><p></p><p><b>A career with us comes with big rewards:</b></p><p>DIRECTV's compensation structure is designed to be market-competitive and fully supports efforts to attract and retain employees. It is the company's policy to offer pay that is competitive with other employers in the local market. Our salary ranges are determined by role, level, and location.</p><p></p><p>The Base Salary range displayed below reflects the minimum and maximum target salary for each of DIRECTV's 4 (four) US Labor Market Zones. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.</p><p></p><p><b>DIRECTV WAGE ZONES: $122,194 - $221,818</b></p><p>Low (N1): $122,194 - $183,241</p><p>Mid (N2): $128,625 - $192,885</p><p>High (N3): $141,488 - $212,174</p><p>Top (N4): $147,919 - $221,818</p><p></p><p>Click <a href="https://tbcdn.talentbrew.com/company/390/pdf/GeoZone-by-DMA-003.pdf" target="_blank" rel="noopener noreferrer">HERE</a> to review information on some of the largest Designated Market Areas (DMAs). Your recruiter can share more about the specific salary range for your preferred location during the hiring process.</p><p></p><p>Please note that the salary ranges reflect base salary only and do not include bonus or benefits - when you consider all of these together, it represents a pretty impressive total compensation package.</p><p></p><p><b>Apply today!</b></p><h3></h3><h3><a href="https://tbcdn.talentbrew.com/company/390/pdf/fcoe-official-notice-eng-final-8302024.pdf" target="_blank" rel="noopener noreferrer">Fair Chance Ordinance Notice for Los Angeles County applying for jobs at DIRECTV</a></h3><h3><a href="https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftbcdn.talentbrew.com%2Fcompany%2F390%2Fpdf%2Fcompliance-notice_use-of-ai-tools-in-recruiting.pdf&data=05%7C02%7Cmeagan.ferguson%40mydirectv.com%7Ccf00954423ef4263d61508dcceb9bc3f%7C1fa4c340b92947f89c9e2dedad770c08%7C0%7C0%7C638612545930333378%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=%2FK99YjzUssJZz1%2BNt6W%2BkIGrbcVT7tdsNqmhxcZPYBA%3D&reserved=0" target="_blank" rel="noopener noreferrer">Compliance Notice Regarding Use of Automated Decision-Making Tools in Hiring Process</a></h3>

Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...