• Job Description

  Req#: 93857
  Company Summary
  
  
  EchoStar is reimagining the future of connectivity. Our business reach spans satellite television service, live-streaming and on-demand programming, smart home installation services, mobile plans and products.
  
  Today, our brands include Boost Mobile, DISH TV, Gen Mobile, Hughes and Sling TV.
  
  Job Duties and Responsibilities
  
  
  EchoStar has an exciting opportunity for an Information Security Risk and Governance Partner in our Hughes Network Systems division. The role will protect the company's digital assets and be instrumental in embedding the risk management framework and supporting our governance practices. You’ll assess and mitigate risks, ensure adherence to laws and regulations, contribute to stronger governance, and provide expert GRC guidance to our business stakeholders. This position will be located at our office in Germantown, MD.
  Key Responsibilities:
  • Collaborate with teams, including data and analytics teams, to identify and mitigate risks alongside data compliance.
  • Conduct cybersecurity risk assessments to identify potential threats and vulnerabilities within the organization’s processes and operations. Assist risk owners in identifying risk treatment plans.
  • Provide cybersecurity responses to customer requests for third-party risk management surveys.
  • Support the business in preparing for and responding to internal and external audits, including coordinating documentation and evidence to demonstrate compliance with cyber policies and standards.
  • Generate and share reports and key metrics with management and stakeholders, outlining risk assessments, current compliance status, and suggested enhancements.
  • Educate and build awareness of security requirements and best practices.
  • Propose improvements to GRC processes that reduce risk and boost operational efficiency.
  
  Skills, Experience and Requirements
  
  
  Education and Experience:
  • Bachelor’s degree in Information Technology, Risk Management, Business, or a related field.
  • 5+ years of demonstrated experience in governance, risk management, and compliance, preferably in a corporate setting.
  Skills and Qualifications :
  • Master's degree in computer science, engineering, or a related technical field
  • Strong knowledge of regulatory frameworks, industry standards, and best practices such as NIST CSF, NIST RMF, PCI-DSS, NIST AI RMF, SOC 2, ISO 27001, CMMC, CCPA/CPRA, GDPR, OWASP Top 10 for LLM, SOX.
  • Excellent communication and interpersonal skills to work effectively with business teams and external stakeholders.
  • Ability to stay current with evolving regulations and industry practices, as well as key cybersecurity threats
  • Strong analytical skills and the ability to assess risks and help identify pragmatic solutions.
  • Proficiency in risk assessment and compliance management systems and tools
  Will be eligible for discretionary bonus, with funding based on company performance.
  
  Salary Ranges
  
  Compensation: $100,500.00/Year - $134,000.00/Year
  Benefits
  
  
  We offer versatile health perks, including flexible spending accounts, HSA, a 401(k) Plan with company match, ESPP, career opportunities, and a flexible time away plan; all benefits can be viewed here: DISH Benefits .
  The base pay range shown is a guideline. Individual total compensation will vary based on factors such as qualifications, skill level, and competencies; compensation is based on the role's location and is subject to change based on work location.
  Candidates need to successfully complete a pre-employment screen, which may include a drug test and DMV check. Our company is committed to fostering an inclusive and equitable workplace where every individual has the opportunity to succeed. We are dedicated to providing individuals with criminal or arrest records a fair chance of employment in accordance with local, state, and federal laws.
  The posting will be active for a minimum of 3 days. The active posting will continue to extend by 3 days until the position is filled.
  
  
  Education and Experience:
  • Bachelor’s degree in Information Technology, Risk Management, Business, or a related field.
  • 5+ years of demonstrated experience in governance, risk management, and compliance, preferably in a corporate setting.
  Skills and Qualifications :
  • Master's degree in computer science, engineering, or a related technical field
  • Strong knowledge of regulatory frameworks, industry standards, and best practices such as NIST CSF, NIST RMF, PCI-DSS, NIST AI RMF, SOC 2, ISO 27001, CMMC, CCPA/CPRA, GDPR, OWASP Top 10 for LLM, SOX.
  • Excellent communication and interpersonal skills to work effectively with business teams and external stakeholders.
  • Ability to stay current with evolving regulations and industry practices, as well as key cybersecurity threats
  • Strong analytical skills and the ability to assess risks and help identify pragmatic solutions.
  • Proficiency in risk assessment and compliance management systems and tools
  Will be eligible for discretionary bonus, with funding based on company performance.
  
  
  EchoStar has an exciting opportunity for an Information Security Risk and Governance Partner in our Hughes Network Systems division. The role will protect the company's digital assets and be instrumental in embedding the risk management framework and supporting our governance practices. You’ll assess and mitigate risks, ensure adherence to laws and regulations, contribute to stronger governance, and provide expert GRC guidance to our business stakeholders. This position will be located at our office in Germantown, MD.
  Key Responsibilities:
  • Collaborate with teams, including data and analytics teams, to identify and mitigate risks alongside data compliance.
  • Conduct cybersecurity risk assessments to identify potential threats and vulnerabilities within the organization’s processes and operations. Assist risk owners in identifying risk treatment plans.
  • Provide cybersecurity responses to customer requests for third-party risk management surveys.
  • Support the business in preparing for and responding to internal and external audits, including coordinating documentation and evidence to demonstrate compliance with cyber policies and standards.
  • Generate and share reports and key metrics with management and stakeholders, outlining risk assessments, current compliance status, and suggested enhancements.
  • Educate and build awareness of security requirements and best practices.
  • Propose improvements to GRC processes that reduce risk and boost operational efficiency.

• About the company

  Our adventure began by changing the way people watched TV, bringing DISH to where big cable wouldn’t: rural America. Since then, we have reinvented ourselves and our own industry with SLING TV to give millions of consumers more choice in entertainment. Today, we’ve officially entered the consumer wireless industry as the fourth largest wireless provider with our acquisitions of Boost Mobile, Ting Mobile and Republic Wireless — but that’s just the start. We’re building America’s first cloud-native 5G network to transform the way we live, work and play with unlimited possibilities.

Notice