Director of Cyberernance Management (Remote)The SouthState story is one of steady growth, deepmunity roots, and an unwaveringmitment to helping our customers move forward. Since our beginnings in the 1930s to bing a trusted financial partner across the South and beyond - we are known forbining personal relationships with forward-thinking solutions.

We aremitted to helping our team members find their success while maintaining the integrity of our values: building trust, fostering lasting relationships and pursuing excellence. At SouthState, individual contributions are recognized, potential is cultivated and team members are inspired to achieve their greater purpose. Your future begins here!

SUMMARY/OBJECTIVES

Director of Cyberernance Management to be responsible for building, implementing, and executing a Cyberernance Program that will identify, evaluate, and monitor the overall Cyber securityernance profile across thepany promoting the effectiveness of theernance processes. This person is responsible for defining and aligning strategies for theernance and team and ensuring centralized, clear and consistent Cyber Requirements aremunicated to appropriate audiences

The Director of Cyberernance Management will drive the business in achieving its' objectives through the proactive evaluation and enhancement of the cyberernance program activities and controls that prevent or mitigate the impact of cyber risk.

ESSENTIAL FUNCTIONS

• Lead the development and implementation of effectiveernance (Standards, Policies and Practices) to secure sensitive data and ensure security andpliance with contracts, regulatory requirements, and industry standards

• Build the Cyberernance structure and methodology for clear, efficient and practical implementation of key control requirements & best practices.

• Collaborate with Legal, Privacy,pliance, and key business leaders to identify information management and protection laws and regulations and implement actions to ensurepliance • Establish annual and long-term goals, definingernance strategies, metrics, and reporting mechanisms

• Develop strategies and action plans to drive security maturity requirements & best practices in areas where controls are deficient.

• Collaborate across Legal, Information Security andpliance Teams, IT teams, HR, and ERM in the development of security best practices and procedures

• Lead the development of executive and board levelmunications as related to corporate cybersecurityernance posture

• Supports Develop and manage Cyber Control Testing & Assurance Program within the confines of the overall guidance provided by the ERM group • Develop, document, and assess measures, metrics, and internal controls related to cyber security program maturity • Collaborate and support in the Development of Cyber Risk Management Strategy, Framework and Approach. • Integrate cyber securityernance reporting and aggregate reporting into an Enterpriseernance Framework. • Provide briefings to leadership and advise of critical issues that may affect business or enterprise cybersecurity objectives in partnership with the Chief Information Security Officer • Partner with Cyberpliance, Cyber Architecture, and Cyber Engineering, to articulate Cyber requirements, controls, strategies, solutions, and rmendations to improveernance and reduceponents, systems, or enterprise security risk • Rmend programs to enhance maturity in Security and track their progress • Evaluate existingernance monitoring metrics and tools, develop metrics and insights, and seek to enhance maturity of analytics. • Manage the Cyber Securityernance program developed in coordination with the ERM group. Develop Requirements program schedule based on evaluation of the changing requirements, standards and best practices landscape.

• Set team's goals and coach team members to attain maximum productivity through motivation and dedication.

• Identify Team Development Opportunities and budget/plan for team growth.

• Propose budget changes and monitor budget variances

Qualifications, Education, and Certification Requirements

• Bachelor's degree preferred in information security, Information Technology, Audit, Risk Management • 10+ years of progressive Information Security, ITernance, Cyber Risk Management, and/or Auditing & Assurance

Knowledge of regulatory and industry best practices authoritative sources

Experience with financial regulations, standards, and best practices such as SOX, GLBA, OCC Heightened Standards, PCI DSS, FFIEC, and/or CRI.

Experience with PCI DSS, technical audit, and/orpliance assessments.

Experience leading and managing PCI DSSpliance and program activities such PCI readiness assessments, QSA assessments, consultations, and ongoing monitoring.

Experience developing and implementing a robust Cyberernance Framework.

Experience with UCF & CRI Profile Tooling

Experience with financial regulations and industry best practices.

Experience with Automatedernance Approach leveraging industry recognized GRC solutions such as Archer, ServiceNow, KeyLight etc. • 3-5 years' experience managing cross-functional, multi-business unit projects reflective of leadership role. • Experience building and/or growing a Cyber Security program.

Certifications: CGEIT, CRISC, CISSP, CISA, CISM etc.

PHYSICAL DEMANDS

Must be able to effectively access and interpret information onputer screens, documents, and reports. This position requires a large amount of time in front of aputer. This can be done sitting or standing with use of the right desk.

WORK ENVIRONMENT

This position is located in a private office. With Telmuting available. Telmuting roles no matter if hybrid or 100% full time telmuting must have a secure home office environment that is free from background noise and distractions. They must also have a reliable private internet connection that is not supplied by use of cellular data (hot spot). Cable or fiber connections are preferred. Requirements are subject to change, as new systems and technology is delivered.

TRAVEL

Travel may be required toe to meetings as needed.

In accordance with Colorado law: Colorado pay for this position is anticipated to be between $124, - $198, , actual offers to be determined based on applicant's skills, experience and education.

While the anticipated deadline for the job posting is 09-07-2025, we encourage you to submit your application as we may still consider qualified candidates beyond this date.

Benefits | SouthState Careers

Equal Opportunity Employer, including disabled/veterans. Job ID R-02365