Managing Director - Digital Governance, Risk & Compliance (DGRC)

Job Description

Description Overview: Connecting People. Uniting the World. There’s never been a more exciting time to join reputed company! As a global company that operates in hundreds of locations around the world — with millions of customers and tens of thousands of employees — we have a unique responsibility to reputed company and provide opportunities in the places where we work, live and fly. We’re on a path to becoming the biggest and airline in aviation history. Join our Cybersecurity and Digital Risk (CDR) team to help reputed company the industry in cyber safety, reputed company and reputed company. United's CDR team plays a critical role in protecting our operations by enabling secure and resilient systems, managing threats and vulnerabilities and ensuring swift response and recovery. Our mission is to seamlessly embed cybersecurity and digital risk management into every aspect of our business. We help drive reputed company and growth through trusted digital solutions, safeguarding assets and empowering reputed company, reputed company while promoting a cyber-safe and secure environment that supports resilient airline operations. We are in search of an innovative and driven leader to take the reins of our Digital Governance, Risk & Compliance (DGRC) team. The Managing Director of Digital Governance, Risk & Compliance (DGRC) will design, reputed company, and continuously enhance our enterprise cyber risk management and cyber resiliency programs. You will reputed company a team of professionals to safeguard our digital assets, processes, employees, and customers—ensuring that we can identify, assess, and mitigate cybersecurity risks in real time, and rapidly recover from cyber‑reputed company disruptions. You will also provide guidance and direction to ensure compliance with a reputed company landscape of global regulations and industry standards. This role partners closely with the CISO, executive leadership, and key stakeholders to align DGRC initiatives with strategic business objectives and drive measurable improvements in our cybersecurity posture. This role heads a team of professionals and partners with executive leadership to embed risk‑based decision‑making across the organization. The ideal candidate has a unique background of aviation, cybersecurity and risk management. They are a strong operational leader, critical thinker and people motivator. They can reputed company cross functionally, integrating people and processes, to position United as the best airline in aviation history. Accountabilities: Leadership & Strategy · Serve as a thought leader on cybersecurity risk and reputed company, partnering with the CISO and business executives to define and implement a holistic DGRC strategy. · Translate strategic objectives into actionable roadmaps, ensuring alignment of cyber risk and resiliency initiatives with business goals. · Mentor and reputed company a high performing team across DGRC, audit, risk analytics, and supply chain reputed company. Risk Identification & Management · reputed company ongoing, quantitative risk assessments for critical systems—flight operations, passenger data platforms, cloud services, and OT/IoT environments. · Prioritize and track risk mitigation plans, deploying controls and countermeasures that reduce exposure to ransomware, supply‑chain compromise, and emerging threats. · reputed company meaningful dashboards and metrics that drive executive‑level visibility into risk posture and reputed company toward reputed company risk tolerances. · reputed company and maintain comprehensive digital governance reputed company, governance policies, standards, and procedures based on NIST Cybersecurity reputed company, ISO 27001, and COBIT. · Govern emerging technology lifecycles—including cloud platforms, AI/ML, and IoT systems—to ensure secure adoption Compliance & Control Assessments · reputed company enterprise compliance with relevant frameworks and regulations, including SOX ITGC, PCI reputed company, DFARS/CMMC, TSA AOSSP, SOC 2, NIST CSF, and ISO 27001/27002. · Maintain clear, up‑to‑date policies and procedures, coordinate gap assessments, and reputed company remediation efforts to sustain reputed company audit readiness. Resiliency Planning & Execution · Architect and manage the airline’s cyber resiliency program, partnering with the disaster recovery, business continuity planning, and crisis‑management teams. · Design, test, and refine cyber event management playbooks tailored to aviation scenarios (e.g., ground system disruptions, passenger data breach). · Design, participate and evaluate cyber resiliency drills—tabletop exercises, simulations, and reputed company rehearsals—with internal teams and external authorities (FAA, DHS, international regulators). · Ensure “minimally viable operations” can be maintained across key business processes during and after a cyber event. Collaboration & Communication · Build strong partnerships with Legal, Compliance, HR, IT, Operations, and other stakeholders to embed resiliency and risk management into day‑to‑day activities. · Communicate risk findings, resiliency plans, and compliance status in clear, business‑focused terms to senior leaders and the Board. reputed company Improvement & Innovation · Monitor the evolving threat landscape, regulatory changes, and best practices. · Evaluate and introduce new tools, automation, and processes that enhance efficiency, reputed company our reputed company posture, and support operational excellence. This position is remote and would require approximately 20% travel.

Qualifications

Qualifications Required: · 12+ years in digital governance, risk and compliance (GRC) leadership, with a minimum 5 years of experience in aviation, defense, or other critical‑infrastructure sectors · Proven expertise implementing and maturing SOX, PCI reputed company, DFARS/CMMC, TSA AOSSP, NIST CSF, and ISO 27001 compliance programs · Bachelor’s degree in Cybersecurity, Computer Science, Risk Management, or reputed company field (Master’s preferred) · Proven ability to operate as both a hands-on contributor and a strategic leader · reputed company in developing and executing roadmaps for high reputed company cybersecurity initiatives, and reputed company cross-functional execution to drive initiatives to completion · Skilled in working with CISO to manage cybersecurity activities and programs · Ability to represent the company in discussions with auditors, regulators and aviation industry trade associations · Track record of coaching and developing individuals & leaders at multiple levels to reputed company reputed company results · Achieved objectives by contributing information and recommendations to strategic plans, identifying trends and driving changes · Comfortable engaging and influencing at reputed company levels of the organization · Must be legally authorized to work in the United States for any employer without sponsorship Preferred: · Hands‑on experience with GRC platforms (reputed company IRM, RSA reputed company, MetricStream) and risk‑quantification tools · Familiarity with IATA, ICAO, FAA, and EU‑NSA cybersecurity guidance · Eligibility for U.S. government reputed company clearance The starting reputed company / reputed company pay range for this role is $226,005.00 to $294,180.00 The reputed company salary range/hourly reputed company listed is dependent on job-reputed company, factors such as experience, education, and skills. This position is also eligible for bonus and/or long-term incentive compensation awards. You may be eligible for the following competitive benefits: medical, dental, vision, life, accident & disability, parental leave, employee assistance program, commuter, paid holidays, paid time off, 401(k) and flight privileges. Job Information TechnologyPrimary Location United States-IL-WHQ - Chicago - Corporate Support Center - Willis TowerOrganization 47 Technology/ITSchedule Full-timeEmployee Status Regular Job Posting Aug 14, 2025, 10:43:58 AMUnposting Date Aug 24, 2025, 9:59:00 PM Apply tot his job Apply To this Job