Associate Director Cybersecurity Policy Compliance Management (PCM)

Job Description:

This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.

Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future—you’ll create it.

The Associate Director –Cybersecurity, Policy Compliance Management (PCM) will lead and manage the team responsible for AT&T’s Policy Exception Request (PER) process within the Chief Security Office. This role is critical for ensuring all non-compliances to AT&T Security Policies and Standards are proactively identified, thoroughly assessed, documented, tracked, and resolved in accordance with corporate risk management and audit requirements.

• Lead the PCM team, ensuring effective execution of all phases of the PER process—including intake, quality review, risk assessment, approvals, and closure.

• Oversee identification, documentation, and management of non-compliances to AT&T Security Policies and Standards, ensuring each PER is rigorously and rapidly assessed for risk, business impact, and remediation planning.

• Leverage AI-driven tools and analytics for risk scoring, decision support, and automated non-compliance risk ratings—integrating data from PER, iTAP, and policy sources to deliver actionable insights for mitigation and business decision-making.

• Drive the creation and delivery of streamlined, simplified leadership dashboard reports highlighting key compliance metrics and trends for executive audiences, ensuring both comprehensive coverage and timely delivery.

• Ensure close collaboration between the PCM team, Business Units, risk owners, and CSO partners (e.g., BISOs, Tech Risk, PCI, SOX, FirstNet) across the PER workflow, providing expert guidance on compliance requirements and risk mitigation strategies.

• Champion the use of ServiceNow for workflow automation, reporting, and record-keeping, maximizing operational efficiency, AI integration, and auditability across all PER activities.

• Collaborate closely with CSO Security Policy Governance leadership, peer teams, and the CSO Security Policy Governance Innovation expert/architect to foster a cohesive, innovative partnership that leverages AI and drives alignment.

• Work closely with the CSO Technology Risk team to identify and align Technology Risk Issues (TRIs) with Policy Exception Requests (PERs), ensuring an auditable process for detecting significant systemic risks across the AT&T enterprise.

• Monitor and report on remediation progress, including funding status and escalations, to ensure business units are accountable for timely compliance or properly documented business decisions.

• Create and maintain comprehensive, auditable process documentation and playbooks for the PCM/PER process, ensuring accessibility and clarity.

• Master’s Degree in Computer Science or Cybersecurity preferred.

• 5+ years in information security, risk management, or policy compliance, with significant experience managing compliance exception processes and cross-functional teams.

• Expert knowledge of Security Policies and Standards, the PER process, risk assessment methodologies (e.g., NIST 800-30), Technology Risk Issues, and AT&T’s strategic ServiceNow technologies.

• Demonstrated experience reviewing user stories and leading User Acceptance Testing (UAT) within ServiceNow or similar agile environments, ensuring robust adoption of agile methodologies and successful delivery of business requirements.

• Experience leveraging AI or advanced analytics for risk scoring, compliance automation, and data-driven decision support.

• Proven leadership in managing teams responsible for compliance artifact creation, risk evaluation, remediation tracking, and stakeholder engagement.

• Ability to review, interpret, and provide feedback on tools, user stories, and UAT processes developed by Security Policy Governance Innovation experts/architects, ensuring alignment with agile methodologies and organizational goals.

• Proven ability to build and maintain collaborative relationships with Security Policy Governance leadership, peer teams, and the Security Policy Governance Innovation expert/architect, driving innovative, AI-aligned teamwork and successful cross-functional initiatives.

• Strategic thinker with a proactive, detail-oriented approach to compliance management, process optimization, and AI innovation.

• Experience managing compliance documentation, reporting, and audit readiness in a highly regulated environment.

• Advanced certifications such as CISSP, CISM, CISA, or ServiceNow GRC Certification are highly desirable.

Our Associate Director-Cybersecurity earns between $155,400-$233,200 USD Annual. Individual starting salary within this range may depend on geography, experience, expertise, and education/training.

Joining our team comes with amazing perks and benefits:

• Medical/Dental/Vision coverage

• 401(k) plan

• Tuition reimbursement program

• Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)

• Paid Parental Leave

• Paid Caregiver Leave

• Additional sick leave beyond what state and local law require may be available but is unprotected

• Adoption Reimbursement

• Disability Benefits (short term and long term)

• Life and Accidental Death Insurance

• Supplemental benefit programs: critical illness/accident hospital indemnity/group legal

• Employee Assistance Programs (EAP)

• Extensive employee wellness programs

• Employee discounts up to 50% off on eligible AT&T mobility plans and accessories,

• AT&T internet (and fiber where available) and AT&T phone.

#LI-Onsite – Full-time office role

If you are passionate about policy compliance, exception management, leveraging AI for risk management, and leading teams to drive both rigorous quality and high-volume results, we invite you to join AT&T’s Chief Security Office and shape the future of compliance governance.

Apply Now!

Weekly Hours: 40

Time Type: Regular

Location: USA: NC: Charlotte / Research Dr - Dat: 9139 Research Dr

Salary Range: $155,400.00 - $233,200.00

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.