Associate Manager, Information Security Risk and Compliance
USA - Howe Street
SC Johnson
SC Johnson is a family company dedicated to innovative, high-quality products, excellence in the workplace and a long-term commitment to the environment and the communities in which it operates. Based in the USA, the company is one of the...
SC JOHNSON IS A FIFTH-GENERATION FAMILY COMPANY BUILT ON THE SPIRIT OF OUR PEOPLE. We have been leading with purpose for over 130 years, building iconic brands that win the hearts and minds of consumers – such as Raid®, Glade®, Ziploc® and more, in virtually every country around the world. Together, we are creating a better future – for the planet, for future generations and for every SCJ team member. Join our winning team of Wave Makers and Go Getters and help us write the next chapter in the SCJ story.
Summary
The Associate Manager, Information Security Risk and Compliance is responsible for supporting the security direction of the business and elevating the company’s security posture. The person in this position will be the subject matter expert and owner providing oversight of information security assurance processes/controls, all while using a risk-based approach. The individual in this position interacts closely with internal business partners and personnel from various IT departments. The position requires an understanding of both legacy systems and new technologies as well as IT controls and security standards.
This is an onsite role in Racine, WI.
KEY RESPONSIBILITIES
Develop and provide oversight of information security assurance processes/controls to achieve SGC desired goals.
Provide updates on roadmap and project execution and create artifacts to enable monitoring and reporting, including risk assessments to SGC.
Escalate Oversight Areas to GIS Governance for direction.
Design and execute controls to effectively remediate risk per the risk tolerances and in compliance with SC Johnson policies and standards.
Lead the security risk exception process by working with internal customers (business and IT), reviewing security gaps and identifying remediation requirements.
Effectively communicate and educate business on security gaps and risks as identified.
Conduct security risk assessments as assigned.
REQUIRED EXPERIENCE YOU’LL BRING
Bachelor’s degree in Computer Science or Information Management, or equivalent degree. Military experience considered in lieu of education requirement.
5+ years’ experience in a Risk and Compliance or Enterprise Security role, or Management/Administration of enterprise information technology systems.
2+ years’ experience in cybersecurity as a practitioner and with exposure to various security frameworks (NIST, ISO, COBIT).
2+ years’ experience complying with and/or enforcing Information Security requirements on an enterprise IT platform.
PREFERRED EXPERIENCES AND SKILLS
Experience in building control frameworks and self-assessment testing.
Some automation knowledge to support continuous delivery and continuous integration.
Familiarity with state, federal and international privacy laws.
Ability to communicate IT risks to business leaders and partners.
Experience working with internal & external audit groups and IT control testing, and experience with Project Management and leading teams.
Demonstrated problem-solving capabilities, and ability to manage complex local and international security requirements.
CRISC Certification desired.
JOB REQUIREMENTS
Office work environment
Remote work available once a week for eligible employees
SC Johnson’s total compensation packages are at or above industry levels. In addition to salary, total packages may include bonuses, long-term incentives, matching 401(k) contributions and profit sharing based on company profitability, job level and years of service. As a family company, we’re committed to providing benefits such as subsidized health care plans, maternity/paternity/adoption leave, flexible work arrangements, vacation purchase options, recreation and fitness centers, childcare, counseling services and more.
Inclusion & Diversity
We’re a global business, with people from every culture, ethnicity, race, religion, gender identity, sexual orientation, age and ability. We recognize the breadth of human experience, and we work to celebrate it. It is our goal to build a diverse, inclusive and supportive work environment where all people can thrive.
We’re committed to ongoing efforts that help us attract, hire, and retain diverse talent who want to build a positive, inclusive environment. Read more about our ongoing initiatives at https://jobs.scjohnson.com/inclusion.
Better Together
At SC Johnson, we strive to create a positive, inclusive and unique workplace. We strongly believe SCJ people are able to achieve their best when they can collaborate and work together in person.
Equal Opportunity Employer
The policy of the Company is to ensure equal opportunity for all qualified applicants and employees without regard to race, color, religion, gender, marital status, sexual orientation, national origin, ancestry, age, gender identity, gender expression, disability, citizenship, pregnancy, veteran status, membership in any active or reserve component of the U.S. or state military forces, genetic history or information or any other category protected by law.
Accommodation Requests
If you are an individual with a disability and you need an accommodation or other assistance during the application process, please call our Human Resources department at 262-260-3343 or email your request to SCJHR@scj.com. All qualified applicants are encouraged to apply. Download the EEO is the Law poster for more information.