Our Company

At Teradata, we believe that people thrive when empowered with better information. That's why we built the most complete cloud analytics and data platform for AI. By delivering harmonized data, trusted AI, and faster innovation, we uplift and empower our customers-and our customers' customers-to make better, more confident decisions. The world's top companies across every major industry trust Teradata to improve business performance, enrich customer experiences, and fully integrate data across the enterprise.

What You'll Do

Teradata's Information Security department is seeking a seasoned and dynamic Sr. Director of Information Security Risk to lead the strategic and operational growth of our global Security Risk Management function. This senior leader will report directly to the CISO and be responsible for driving the development, execution, and continuous improvement of our comprehensive cyber risk management program. The successful candidate will shape the program's strategy, framework, and processes, ensuring the effective identification, assessment, mitigation, and communication of risks that could impact Teradata's security posture.

This role demands both technical expertise and strategic insight, requiring a deep understanding of cybersecurity risk management frameworks (e.g., NIST RMF, FAIR, OWASP) and the ability to perform in-depth security risk assessments. The ideal candidate will communicate identified risks effectively to both technical and non-technical stakeholders, including executive leadership, and guide the organization in developing timely and robust risk remediation strategies.

In addition to technical and strategic leadership, the Sr. Director will foster a risk-aware culture, ensuring that security risk management is fully aligned with Teradata's business objectives while maintaining compliance with industry standards and regulatory requirements. This is a pivotal role in influencing the security direction of the organization and building a resilient, forward-thinking security posture.

Key deliverables for this position include developing a risk management strategy that balances innovation with security, leading cross-functional teams to mitigate risks, and embedding risk management into Teradata's global operations. If you are looking to make a significant impact on a global scale by aligning business and security priorities, this role offers an exciting opportunity to shape the future of security risk management at Teradata.

Key Responsibilities:

• Functional Leadership and Development: Lead and manage the cybersecurity risk management team, ensuring all members are motivated, well-trained, and working effectively together. Responsibilities include hiring new team members, conducting performance evaluations, and providing ongoing training and development to foster a culture of continuous improvement, innovation, and accountability. You will collaborate with the Security Operations and Incident Response teams to ensure rapid and effective responses to cyber incidents, incorporating lessons learned into future risk mitigation strategies.
• Risk Management Leadership: Effectively mature the complete cyber risk management program, from strategy creation to execution and continuous improvement. Improve and manage the security risk management program's capabilities, including policies, procedures, and frameworks. Work closely with departments like Product Engineering, Cloud Operations, IT, and others to conduct security risk assessments that meet technical, compliance, and business goals.
• Security Risk Assessments & Control Evaluation: Proactively conduct security risk assessments to identify potential threats, vulnerabilities, and risks within Teradata's infrastructure, systems, and applications. In collaboration with technical teams, plan and perform control effectiveness assessments, evaluating the strength of security controls and identifying areas for improvement. You will maintain a current understanding of industry standards, regulatory requirements, and emerging threats to inform risk assessments and remediation strategies.
• Risk Communication & Stakeholder Engagement: Communicate identified security risks and their potential impact clearly to both technical and non-technical stakeholders, including C-suite executives and senior management. Lead the creation and presentation of detailed reports on risk assessments, including threats, vulnerabilities, and the effectiveness of mitigation measures. Serve as a trusted advisor and subject matter expert on security risks and controls, providing guidance and best practices to cross-functional teams.
• Risk Remediation & Continuous Improvement: Develop and implement strategies for security risk remediation, ensuring timely resolution and alignment with business and compliance requirements. Track and report on the progress of remediation efforts, driving timely closure of open risks and ensuring compliance with Teradata information security policies. Lead efforts to continuously improve the security risk management program, evolving its capabilities in response to new challenges and threats.

What Makes You a Qualified Candidate

• Bachelor's degree in Computer Science, Information Security, Business Administration, or a related field to ensure a solid foundation in the principles underpinning the role.
• 10+ years of experience in security risk assessment and risk management frameworks (e.g., NIST RMF, FAIR, OWASP).
• Strong technical knowledge of security controls, including but not limited to access controls, encryption, network security, cloud security, databases, and vulnerability management.
• Demonstrated experience working within information security related GRC control frameworks (NIST, ISO/IEC 27001, COBIT, COSO, ITIL, PCI DSS, CMMC, SOX, HIPAA), with an understanding of regulatory and compliance requirements such as GDPR, CCPA, FISMA, GLBA, and DORA.
• Proven ability to work collaboratively with engineering and other technical teams to assess and mitigate security risks.
• Experience leading security risk remediation programs, including technical implementation and compliance considerations.

What You'll Bring

• Excellent communication capabilities at all levels, with the ability to articulate complex technical concepts to diverse audiences, including C-Suite executives.
• Strong analytical and problem-solving skills, with attention to detail and accuracy.
• Demonstrated project management skills, with the ability to prioritize tasks and manage multiple projects simultaneously.
• Experience with security assessment tools and methodologies.
• Knowledge of cloud security best practices and technologies (e.g., AWS, Azure, GCP).
• Familiarity with security incident response, vulnerability triaging, and threat assessments.
• Demonstrated expertise in the technical and business aspects of cybersecurity, including understanding of current threats, risk management, and preventive strategies.
• Capacity to navigate a dynamic and agile environment, managing uncertainties and solving complex problems with innovative solutions.
• Recognized certifications in the field such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC), evidencing a commitment to maintaining expertise in cybersecurity.

Why We Think You'll Love Teradata

We prioritize a people-first culture because we know our people are at the very heart of our success. We embrace a flexible work model because we trust our people to make decisions about how, when, and where they work. We focus on well-being because we care about our people and their ability to thrive both personally and professionally. We are an anti-racist company because our dedication to Diversity, Equity, and Inclusion is more than a statement. It is a deep commitment to doing the work to foster an equitable environment that celebrates people for all of who they are.