Associate Manager, Information Security Risk and Compliance jobs in United States

SC Johnson · 6 hours ago

Associate Manager, Information Security Risk and Compliance

SC Johnson is a fifth-generation family company that has been leading with purpose for over 130 years. The Associate Manager, Information Security Risk and Compliance is responsible for supporting the business's security direction and elevating the company's security posture while overseeing information security assurance processes and controls.

Consumer Goods
No H1B

Responsibilities

Develop and provide oversight of information security assurance processes/controls to achieve Security Governance Committee (SGC) desired goals
Provide updates on roadmap and project execution and create artifacts to enable monitoring and reporting, including risk assessments to SGC
Escalate Oversight Areas to GIS Governance for direction
Design and execute controls to effectively remediate risk per the risk tolerances and in compliance with SC Johnson policies and standards
Lead the security risk exception process by working with internal customers (business and IT), reviewing security gaps and identifying remediation requirements
Effectively communicate and educate business on security gaps and risks as identified
Conduct security risk assessments as assigned

Qualification

Risk, Compliance, Cybersecurity, Security Frameworks, Control Frameworks, Information Security, Automation Knowledge, Privacy Laws, Audit Experience, Self-assessment Testing, Military Experience, CRISC Certification, Problem-solving, Communication, Project Management, Team Leadership

Required

Bachelor's degree in Computer Science or Management Information Systems (MIS), or equivalent degree. Military experience considered in lieu of education requirement
5+ years' experience in a Risk and Compliance or Enterprise Security role, or Management/Administration of enterprise information technology systems
2+ years' experience in cybersecurity as a practitioner or with exposure to various security frameworks (NIST, ISO, COBIT)
Qualified candidates must be legally authorized to work in the United States without the need for current or future sponsorship for full-time employment

Preferred

2+ years' experience complying with and/or enforcing Information Security requirements on an enterprise IT platform
Experience in building control frameworks and self-assessment testing
Some Automation knowledge to support continuous delivery and continuous integration
Familiarity with state, federal and international privacy laws
Ability to communicate IT Risks to business leaders and partners
Experience working with internal & external audit groups and IT control testing and experience with Project Management and leading teams
Demonstrated problem-solving capabilities, and ability to manage complex local and international security requirements
CRISC Certification desired

Benefits

Bonuses
Long-term incentives
Matching 401(k) contributions
Profit sharing based on company profitability
Subsidized health care plans
Maternity/paternity/adoption leave
Flexible work arrangements
Vacation purchase options
Recreation and fitness centers
Childcare
Counseling services

Company

SC Johnson

We’re SC Johnson, a family company at work for a better world™.

Funding

Current Stage
Late Stage

Leadership Team

H Fisk Johnson
Chairman, CEO, Chairman of the Board
Imran Warrich
Chief Technology Officer
Company data provided by crunchbase