Information Security Compliance Manager
USCA - USA - North Carolina - Remote - KBI
Kontoor Brands
Who We Are:
Kontoor Brands, Inc. (KTB) is the parent company of Wrangler®, Lee® and Rock & Republic®, with owned manufacturing facilities in Mexico and Nicaragua. Kontoor also owns and operates over 140 retail stores across the globe. Our global company employs more than 15,000 people in 65 countries, with world headquarters in Greensboro, North Carolina, and regional headquarters in Geneva and Hong Kong.
Job Posting:
The Global Risk and Compliance team is looking for a Compliance & Privacy Manager to join their team. This individual will work with the Director of GRC to develop IT compliance programs focused on SOX, PCI and Privacy regulations, oversee assessments, and collaborate with cross-functional teams to maintain a strong compliance posture. The role coordinates the work of GRC analysts and cross-functional IT teams to perform required reviews (access, SoD, etc.), ensures processes are in place to address Privacy operations, and provides requirements for the data protection program.
This role also directs, delivers, and ensures delivery of training so staff members know how to maintain the compliance of their areas of responsibility.
Key Responsibilities:
- Support Controller of Accounting & Reporting to develop and supply requirements for SAP GRC Rules (including mitigating controls) to IT IdAM Operations
- Performs or oversees information security assessment/analysis, mitigation and remediation. Advises on implementing solutions and mitigation plans for control deficiencies and regulatory and compliance gaps, and makes recommendations for process efficiencies.
- Conducts related ongoing security compliance monitoring activities in coordination with the organization’s other compliance and operational assessment functions.
- Partners with Information Security Awareness to oversee, develop and provide compliance training to the workforce. Educate and coach internal Technology teams on technology risk, audit, and control principles.
- Ensures timely completion of User Access, Privileged Access and Segregation of Duties and other control Reviews
- Collaborate cross-functionally with teams including Legal, Privacy, Internal Audit, IT Risk Management, IT Security, external consultants and auditors on assessments, process improvements, documenting standards and procedures, and ensuring deadlines are achieved.
- Support IT risk, audit, and compliance reporting via consolidated dashboards to aid the executive management decision-making process. Identify and report metrics to IT leadership on a monthly basis.
- Maintain current knowledge of applicable global, federal, and state information security laws and accreditation standards.
- Maintain required administrative processes such as meetings, training, budgeting, status reporting, etc.
- Oversees work of GRC analysts to ensure timeliness and accuracy
Skills for Success:
- Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives across multiple departments.
- Ability to identify risks associated with business processes, operations, information security programs and technology projects.
- Ability to develop working relationships with the business, and a broad understanding of business processes in order to translate technical issues into business-related decision points.
- Strong critical thinking and analytical skills.
- Ability to drive tasks forward with limited direction.
- Exceptional communication and presentation skills with diverse audiences.
Experience/Education:
- InfoSec certifications including CISSP, CISA, and CISM are desired
- Bachelor’s degree in an IT, Information Security or Audit related field of study, or equivalent experience
- Working in information security and/or IT audit
- Experience as a PCI Qualified Security Assessor (QSA) is preferred
- Working knowledge of key industry standards and security regulatory frameworks (SOC 1, SOC 2, SOX, PCI, COBIT 5, ISO, NIST, etc.) is desired
- Practical experience supporting Sarbanes-Oxley (SOX) compliance
- Experience working in a company using SAP (knowledge of Access Management/GRC within SAP)
- Experience in a global retail environment is preferred
- General knowledge of EU, US and other regional Privacy and Financial regulations
Special Physical and/or Mental Requirements:
- None
Why Kontoor Brands?
At Kontoor, we offer a comprehensive benefit package to fit your lifestyle and our benefits are crafted with the same care as our products.
When our employees are healthy, secure and well, they bring their best selves to work. Kontoor Brands supports you with a competitive benefits program that provides choice and flexibility to meet your and your family’s needs – now and in the future. We offer resources to support your physical, emotional, social and financial wellbeing, plus benefits like discounts on our apparel. Kontoor Brands also provides four weeks of Paid Parental Leave to eligible employees who are new parents, Flexible Fridays and tuition reimbursement.
Our Kontoor D&I Mission
At Kontoor, we believe that D&I is a key enabler to a culture that empowers us to work with passion and confidence, shaping our brand and future.
Our Kontoor D&I Commitment
- Create a global workforce of high-performing teams that both unlocks our individual uniqueness and harnesses our collaborative talents
- Ensure an equitable environment that attracts & promotes a diverse workforce
- Foster inclusivity, ensuring employees feel they can bring their whole selves to work