Cyber Risk & Compliance Manager
Atlanta, GA - 6305 Peachtree Dunwoody Rd Bldg B
Full Time Mid-level / Intermediate USD 106K - 177K
Cox Enterprises
Empower to build. The story of Cox Enterprises is one of hard work, respect for employees, entrepreneurship and making bold decisions.Company
Cox Automotive - USAJob Family Group
Information TechnologyJob Profile
Cyber Risk & Compliance ManagerManagement Level
Manager - Non People LeaderFlexible Work Option
Hybrid - Ability to work remotely part of the weekTravel %
NoWork Shift
DayCompensation
Compensation includes a base salary of $106,700.00 - $177,900.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate’s knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.Job Description
The Cyber Risk & Compliance Manager works as part of a team to assess cybersecurity and technology risks against established frameworks, standards, policies, and methodologies. As a Cyber Risk & Compliance Manager, the individual reviews and recommends controls and best practices, as well as continually evaluates risk exposure and tolerance. The role also reviews and documents deficiencies, advocates for change, and when appropriate, escalates issues.
A Cyber Risk & Compliance Manager reports on the state of risk for their assigned business areas by providing visibility and helping leaders understand where risk resides and where improvements can be made to protect the business. Such reporting includes adherence to regulations and industry guidelines, as well as company policies and standards. The Cyber Risk & Compliance Manager focuses on risks within internal and business-controlled areas of security, technology, and business processes. Advisors partner with the product, engineering, and architecture teams across various levels as part of the normal course of work.
Serve on a team responsible for reviewing and documenting where security and technology controls are adequate or require improvement.
Recommend risk reduction steps to be implemented and maintained through policies, procedures, frameworks, and technical controls.
Document, formulate, and communicate security improvements that balance risk with business objectives, and do not diminish efficiencies or innovation.
Demonstrate in-depth knowledge and application of cyber risk assessment and measurement techniques in areas including cloud security, infrastructure protection, system resiliency, application security and architecture, and data protection throughout the data lifecycle.
Develop and maintain assessment questionnaires to understand cyber risk from various areas.
Facilitates compliance initiatives like CCPA, GDPR, PCI and supports ongoing maintenance with applicable laws and regulations.
Provide regular and timely reporting on the status of cybersecurity risk across the organization.
Support the continuous development and improvement of our cybersecurity program (including risk framework, assessment, policies and standards, etc.), reflecting global business needs while considering the nature of a diversified business organization.
Engage with the Cybersecurity, Security Awareness & Education, and Business Information Security teams to assist in effectively driving program maturity and mitigation of cybersecurity risks.
Stay abreast of relevant international security regulations, laws, and technologies across and adjusting programs and processes as required.
Minimum Requirements:
Bachelor’s degree in Information Security, Information Assurance, Computer Science, Engineering, or related technical field and 6 years’ experience in a related field. The right candidate could also have a different combination, such as a master’s degree and 4 years’ experience; a Ph.D. and 1 year of experience; or 10 years’ experience in a related field.
At least one security certification like CISSP, CISM, CISA, CTPRM, CCSP.
Three years of experience with Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform.
Familiar with one or more regulatory requirements and laws such as, but not limited to, PCI, CCPA, GDPR and GLBA. Additionally, experience in one or more: ISO 27001, NIST CSF.
General understanding of risk methodologies such as the Factor Analysis of Information Risk methodology.
Preferred Requirements:
Strong written and oral communication skills across varying levels of the organization.
Organized, with the ability to prioritize and complete tasks within defined SLAs.
Ability to work in a team and independently to fix issues with little or no supervision
Ability to build effective working relationships at all levels of the organization
Excellent communication skills
Drug Testing
To be employed in this role, you’ll need to clear a pre-employment drug test. Cox Automotive does not currently administer a pre-employment drug test for marijuana for this position. However, we are a drug-free workplace, so the possession, use or being under the influence of drugs illegal under federal or state law during work hours, on company property and/or in company vehicles is prohibited.Benefits
The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, parental leave, and COVID-19 vaccination leave.About Us
Through groundbreaking technology and a commitment to stellar experiences for drivers and dealers alike, Cox Automotive employees are transforming the way the world buys, owns, sells – or simply uses – cars. Cox Automotive employees get to work on iconic consumer brands like Autotrader and Kelley Blue Book and industry-leading dealer-facing companies like vAuto and Manheim, all while enjoying the people-centered atmosphere that is central to our life at Cox. Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page. Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship.Tags: Application security AWS Azure CCPA CCSP CISA CISM CISSP Cloud Compliance Computer Science GCP GDPR GLBA ISO 27001 NIST Risk assessment SLAs
Perks/benefits: Flex hours Flex vacation Health care Insurance Medical leave Parental leave Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cybersecurity Analyst jobs
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open PowerShell-related jobs