Pay Transparency Statement:
The compensation philosophy reflects the Company's reasonable expectation at the time of posting. We consider a number of factors when making individual compensation decisions including, but not limited to, skill sets, experience and training, and other business needs. This role may also be eligible to participate in a discretionary incentive program, subject to the rule governing the program.
Position Summary:
The Senior Security Governance, Risk, and Compliance Analyst drives security assessments to enable the global enterprise to identify, assess, treat, and monitor cybersecurity risks. The Senior Security Governance, Risk, and Compliance Analyst will engage technology and security stakeholders across the enterprise, including multiple business units, to document and validate security controls, identify coverage gaps, address security compliance requirements, and provide appropriate, fit-for-business recommendations. This role will collaborate with various members of the security and technology organizations across the globe over the course of day- to-day assignments.
Position Responsibilities may include, but not limited to:
Build a Risk Aware Culture by maturing the methods and measures to monitor and report risk, compliance, and assurance efforts through automation and process improvement, which may include use and implementation of GRC technologies
Develop the compliance evaluation for the information security management framework based on the following: CIS (Center for Internet Security) Critical Security Controls, NIST 800-53, and PCI-DSS
Analyze and improve the unified and flexible security control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards, and regulations
Report on the effectiveness of the framework for roles and responsibilities including ownership, classification, accountability, and protection of information assets
Assess and recommend policies, standards, procedures, controls, and security solutions in partnership with key stakeholders to protect the confidentiality, integrity, and availability of the global information technology environment
Develop and facilitate a reporting framework to measure the effectiveness and maturity of the information security program
Participate in meetings with IT and Business Unit executives to report identified risks or control gaps and provide support for remediation of efforts to reduce identified security risks or gaps
Other projects or duties as assigned
#J-18808-Ljbffr
