Director, Cybersecurity - Governance, Risk and Compliance (GRC)

Make A Difference For Those Who Make The World™

It takes great people to achieve greatness. People with a sense of purpose and integrity. People with a relentless pursuit of excellence. People who care about making things better For Those Who Make The World™. Sound like you? Join our top-notch team of nearly 60,000 professionals globally who are making their mark on some of the world’s most beloved brands, including DEWALT®, CRAFTSMAN®, CUB CADET®, STANLEY® and BLACK+DECKER®

What You’ll Do

As Director, Governance, Risk & Compliance (GRC) you’ll be part of our Cybersecurity Office located virtually. Reporting directly to the CISO, this role will help mature the cybersecurity governance, risk, audit and compliance program at SBD. This person will work with business and IT partners across the enterprise to ensure strong executive sponsorship and engagement from the right team of stakeholders and subject matter experts. This role is an integral lead for the GRC program and will assist in overseeing all aspects of the program.

 You’ll get to:  

• Mature the cybersecurity Governance, Risk, Audit and Compliance program
• Be responsible for every aspect of GRC across the enterprise
• Author and update policies, standards, and procedures that are related to security risk management
• Create and maintain a 3-year strategic roadmap to continue to mature the Risk Management program
• Conduct an annual Risk Management maturity assessment
• Partner and maintain strong relationships with the business stakeholders including Legal, Supply Chain, IT business analysts, architecture teams, operational teams, and technical leadership
• Manage and oversee the vendor risk management processes
• Manage and ensure security assessments are conducted to reduce risk for various projects within the organization
• Create comprehensive GRC reports for the executive leadership and board of directors that provide clear insights into the company's risk profile, compliance status, and governance effectiveness.
• Manage the review of issues and policy exceptions to ensure risk is being managed appropriately
• Manage compliance regulations and audit requirements
• Develop a robust change management strategy including training and communication plans to properly onboard the end user community
• Identify threats and business activities that introduce risk to the company
• Conduct quantitative and qualitative risk assessments
• Produce reports and metrics that support the analysis from the risk assessment and be able to articulate the findings to both technical and non-technical audiences and collaborate with risk owners on risk treatment strategies
• Business Resiliency| BC/DR

Who You Are

You always strive to do a good job…but wouldn’t it be great if you could do your job and do a world of good? You care about quality – at every level. You love to learn and grow and be acknowledged for your valuable contributions. You’re not intimidated by innovation. In fact, you embrace it.

You also have: 

• BS degree in Business, Information Security, Management Information Systems or related major
• Cybersecurity degree and/or certifications strongly preferred
• 7-10 years of cybersecurity experience
• Strong Cyber Risk Management experience
• Experience with FAIR methodology
• Strong technical and business acumen
• Strong knowledge of frameworks such as ISO 27001, NIST Cyber Security Framework, Center for Internet Security
• Certified in Factor Analysis of Information Risk (FAIR) and Certified in Risk and Information Systems Control (CRISC) desired, but not required
• Experience in coordinating work across multiple functions and be adept at building consensus across organizational and functional lines
• Strong analytical, including data mining, analysis, trending, problem solving and project management skills
• Manufacturing and OT cybersecurity experience a plus
• Strong written, verbal communication and interpersonal skills
• Ability to communicate constantly | effectively throughout highly-matrixed organization
• Must possess a high degree of integrity and trust along with the ability to work independently as well as motivate others

What You’ll Receive

You’ll receive a competitive salary and a great benefits plan:

• Medical, dental, life, vision, wellness program, disability, 401(k), Employee Stock Purchase Plan, paid time off and tuition reimbursement.
• Discounts on Stanley Black & Decker tools and other partner programs.

How You’ll Feel

We want our company to be a place you’ll want to be – and stay. Being part of our team means you’ll get to:

• Grow: Be part of our global company with 20+ brands to grow and develop your skills along multiple career paths.

• Learn: Have access to a wealth of learning resources, including our Lean Academy, Coursera® and online university.
• Belong: Experience an awesome place to work, where we have mutual respect and a great appreciation for diversity, equity and inclusion.
• Give Back: Help us continue to make positive changes locally and globally through volunteerism, giving back and sustainable business practices.

#LI-NM1

#REMOTE

We Don’t Just Build The World, We Build Innovative Technology Too.

Joining the Stanley Black & Decker team means working in an innovative, tech-driven and highly collaborative team environment supported by over 58,000 professionals in 60 countries across the globe. Here, you’ll get the unique chance to impact some of the world’s most iconic brands including STANLEY TOOLS, DEWALT, CRAFTSMAN, MAC TOOLS and Black + Decker. Your ideas and solutions have the potential to reach millions of customers as we work together to write the next chapter in our history. Come build with us and take your career to new heights.

Who We Are 

We’re the World’s largest tool company. We’re industry visionaries. We’re solving problems and advancing the manufacturing trade through innovative technology and our Industry 4.0 Initiative. We are committed to ensuring our state-of-the-art “smart factory” products and services provide greater quality to our customers & greater environmental and social value to our planet. We are unique in that we have a rich and storied history dating back to 1843, but that hasn't stopped us from evolving into a vibrant, diverse, global growth company. 

Benefits & Perks

You’ll get a competitive salary and a comprehensive benefits plan that includes medical, dental, life, vision, wellness program, disability, retirement benefits, Employee Stock Purchase Plan, Paid Time Off, including paid vacation, holidays & personal days, and tuition reimbursement. And, of course, discounts on Stanley Black & Decker tools and products and well as discount programs for many other vendors and partners.

What You’ll Also Get

Career Opportunity: Career paths aren’t linear here. Being part of our global company with 60+ brands gives you the chance to grow and develop your skills along multiple career paths.

Learning & Development: 
Our lifelong learning philosophy means you’ll have access to a wealth of state-of-the-art learning resources, including our Lean Academy and online university (where you can get certificates and specializations from renowned colleges and universities).

Diverse & Inclusive Culture:
We pride ourselves on being an awesome place to work. We respect and embrace differences because that’s how the best work gets done. You’ll find we like to have fun here, too.

Purpose-Driven Company:
You’ll help us continue to make positive changes in the local communities where we work and live as well as in the broader world through volunteerism, giving back and sustainable business practices.

EEO Statement:
All qualified applicants to Stanley Black & Decker are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran’s status or any other protected characteristic.

If you require reasonable accommodation to complete an application or access our website, please contact us at (860) 827-3923 or at accommodations@sbdinc.com.  Due to volume, we cannot respond to unrelated inquiries about the status of a completed application or resetting an account password.

Know Your Rights: Workplace discrimination is illegal (eeoc.gov)