Enable America Jobs

JOB REQUIREMENTS: Manager, Global Information Security Risk - 27590 DESCRIPTION/RESPONSIBILITIES: Summary: The Manager, Global Information Security Risk focus on driving alignment between security processes and business capabilities. The manager assists with reporting on the state of risk, providing visibility and helping business leaders and risk managers understand where risk resides and where improvements must be made to protect the business. The manager interacts with IT, Governance, Manufacturing and other business stakeholders to understand information security risks across all technology platforms and business environments to manage risk to appropriate tolerances and ensure controls are in place to protect SCJ. The manager will work collaboratively across SCJ to support current and upcoming products, services and initiatives to identify and manage risks to acceptable levels. This includes but is not limited to elevating Security Risk and Compliance Frameworks, assessment methodologies, inherent risk, residual risk models to achieve the objectives of the company leveraging a pragmatic approach. This is an onsite role in Racine, WI. Essential Duties and Responsibilities: * Lead the creation and implementation of frameworks for conducting comprehensive business and technology risk assessments * Drive strategic initiatives to identify, evaluate, and mitigate risks, while mentoring team members to ensure effective risk management practices * Consults on active projects for items related to business and information security risk and how to address gaps through recommended risk response * Provide subject matter expertise of business and the associated risks, balancing approach to both protect and enable the business, bringing line of business specific security requirements back to risk team leadership * Analyzes, communicates, and enforces all security controls identified for our company\'s information security compliance requirements * Performs risk management assessments, develop recommended risk response and communicate risk to leadership * Mentor and Coach Team Members and parties providing guidance and in developing their skills in risk management. SC Johnson\'s total compensation packages are at or above industry levels. In addition to salary, total packages may include bonuses, long-term incentives, matching 401(k) contributions and profit sharing based on company profitability, job level and years of service. As a family company, we\'re committed to providing benefits such as subsidized health care plans, maternity/paternity/adoption leave, flexible work arrangements, vacation purchase options, recreation and fitness centers, childcare, counseling services and more. Equal Opportunity Employer The policy of the Company is to ensure equal opportunity for all qualified applicants and employees without regard to race, color, religion, gender, marital status, sexual orientation, national origin, ancestry, age, gender identity, gender expression, disability, citizenship, pregnancy, veteran status, membership in any active or reserve component of the U.S. or state military forces, genetic history or information or any other category protected by law. Accommodation Requests If you are an individual with a disability and you need an accommodation or other assistance during the application process, please call our Human Resources department at 262-260-3343 or email your request to SCJHR@scj.com . All qualified applicants are encouraged to apply. Download the EEO is the Law poster for more information. ***** OTHER EXPERIENCE AND QUALIFICATIONS: Required Skills / Experience / Competencies: * Bachelors degree or equivalent is required * 5+ years of experience with risk management and/or security controls/frameworks * 2 years\' experience building recommended risk responses to address security gaps without hindering the business * 2 years\' experience Ability o apply data governance framework to effectively determine confidentiality level for company data * Must be legally authorized to work in United States Preferred Skills/ Experience: * 5+ years of overall experience in the information security or compliance field, audit, or operational risk * 3+ years of experience of working with/ implementing risk control frameworks and processes to drive a risk-based approach to information security (e.g. COBIT,NIST CSF,NIST 800 53 Rev 4, ISO 17799, ISO/IEC 27002, ITIL etc.) * 2+ years of experience conducting information security internal controls assessments, vendor risk assessments, metrics, dashboards and risk reporting. In-depth understanding of security controls and how to apply them to business use cases * Possess business acumen and experience interfacing with business leaders and various levels including middle and senior management * Demonstrate strong knowledge in IT controls, risk assessments, and the design and testing of security measures * Certification pertaining to information security and data privacy protection (e.g., Certified in Risk and Information Systems Control (CRISC), Certified Information ***** APPLICATION INSTRUCTIONS: Apply Online: https://ars2.equest.com/?response_id=7a100c43e71c42a035a85269bddbd564 Other: Applicants ONLY to apply via URL link provided! Qualified females, minorities, and special disabled veterans and other veterans are encouraged to apply.