More jobs:
Job Description & How to Apply Below
This role has been designed as ''Onsite' with an expectation that you will primarily work from an HPE office.
Who We Are
Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today's complex world. Our culture thrives on finding new and better ways to accelerate what's next.
We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good. If you are looking to stretch and grow your career our culture will embrace you. Open up opportunities with HPE.
Job Description
Within HPE, our Operations, Legal and Admin teams work across the business, providing visible accountability and measurable outcomes. With a variety of roles and responsibilities these teams really connect the dots, giving us the essential insights, support and capability to accelerate our transformation to be the world's edge to cloud company. Join us redefine what's next for you.
What You'll Do
About You
You will have expertise in policy creation and lifecycle management, and familiarity with the interdependencies between policy, compliance, and risk management. Your knowledge of various common compliance frameworks used globally will enhance your work. You will work independently and on high-impact projects in fast-paced environments, with advanced expertise across cyber and IT security.
Your experience with GRC tools will be critical. Strong communication skills are essential, enabling you to explain complex technical issues to non-technical audiences.
You will be responsible for
Support the Cybersecurity Policy Refresh Program by helping rewrite and modernize existing policies, standards, and procedures to align with the organization's chosen control framework.
Understand and articulate the relationship between policies and controls — ensuring policy content accurately reflects control intent and operational feasibility.
Collaborate with subject matter experts (SMEs) across Cybersecurity, IT, and Product teams to gather input for policy updates, lifecycle management, and alignment with control assessments.
Support specification audits by reviewing and analyzing technical documentation, verifying policy-to-specification consistency, and tracking updates through their lifecycle.
Manage and respond to policy-related inquiries from across the organization — including ambiguous or 'oddball' questions — by providing clear, accurate, and well-reasoned guidance.
Assist with audit and assessment activities, including gathering policy evidence, mapping controls, and preparing documentation for internal and external audits.
Help maintain the policy inventory, versioning, and review cadence, ensuring policies remain current and traceable to applicable frameworks and standards.
What You Need To Bring
Education & Experience Requirements
Required
Bachelor's degree in Cybersecurity, Information Systems, Public Policy, or a related field.
7+ years of experience in cybersecurity governance, compliance, or policy functions.
Ability to translate technical concepts and control requirements into concise and understandable policy language.
Familiarity with frameworks such as NIST CSF, ISO 27001, Secure Controls Framework (SCF), and SOC 2.
Strong analytical, research, and writing skills.
Preferred
Experience supporting policy lifecycle management, control assessments, or audit readiness activities.
Exposure to technical security domains, such as identity and access management, vulnerability management, or cloud security.
Certifications such as Security+, ISO 27001 Lead Implementer, GRC Professional, or equivalent.
Additional Skills
Accountability, Accountability, Action Planning, Active Learning, Active Listening, Agile Methodology, Bias, Business, Coaching, Creativity, Critical Thinking, Cybersecurity, Data Analysis Management, Data Collection Management (Inactive), Data Controls, Design Thinking, Development…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×