IT Security Analyst, Governance, Risk & Compliance
Mentor, OH, United States
Applications have closed
Avery Dennison
Avery Dennison is a global materials science company specializing in the design and manufacture of a wide variety of labeling and functional materials.Company Description
Avery Dennison Corporation (NYSE: AVY) is a global materials science company specializing in the design and manufacture of a wide variety of labeling and functional materials. The company’s products and solutions, which are used in nearly every major industry, include pressure-sensitive materials for labels and graphic applications; tapes and other bonding solutions for industrial, medical, and retail applications; tags, labels and embellishments for apparel; and radio frequency identification (RFID) solutions serving retail apparel and other markets. The company employs approximately 36,000 employees in more than 50 countries. Reported sales in 2021 were $8.4 billion. Learn more at www.averydennison.com.
At Avery Dennison, some of the great benefits we provide are:
- Health & Wellness benefits starting on day 1 of employment
- Paid parental leave
- 401K eligibility
- Tuition reimbursement
- Flexible work arrangements
- Employee Assistance Program eligibility / Health Advocate
- Paid vacation and Paid holidays
Job Description
We are actively looking for an IT Analyst to join our Avery Dennison IT Security team! In this position you will conduct comprehensive assessments of IT related SOX controls and processes, coordinate the IT Risk assessment and evaluation process, and manage the end-to-end IT Policies process. Additionally, you will provide support for other IT security related activities as needed.
Job Location: Remote/Hybrid. In the US, preferably within commuting distance of a major Avery Dennison facility.
Responsibilities:
- Participate in all phases of SOX compliance for the Enterprise Security team, including risk assessment and planning discussions, documenting process walkthroughs, identifying controls and key reports, testing, and reporting results, working closely with the Corporate Compliance Team.
- Assist with any ad hoc operational reviews and or process assessments.
- Aggregate and analyze data from various sources to provide a comprehensive assessment of IT risk landscape, and to better understand the potential IT risks, concerns and outcomes of decisions.
- Develop systems and processes for gathering and storing data for future IT risk analytic projects.
- Participate in and lead IT components of the bi-annual ERM Risk Assessment process conducted by the Global Risk department.
- Manage the entire IT Policy process, developing new policies as needed based on new laws, identified risks or industry trends, publishing and maintaining all policies in OurWorld and ad.a Knowledge Base, coordinating the exception process, and ensuring the relevancy of existing policies.
- Conduct the annual Policy Compliance survey assessing compliance against Avery Dennison’s IT Policies for SOX and Secret Data systems.
- Stay informed about the latest developments in IT Risk, IT Policies and Sarbanes Oxley with an emphasis in security practices.
- Assist business partners with all IT security assessments requested by our existing customers.
- All other duties and projects as assigned.
Qualifications
- Bachelor's degree or alternate combination of education/experience that results in equivalent job knowledge is required.
- 6 or more years of experience in any of the following areas: Cyber Security, IT Systems Architecture, IT Systems Administration, IT Auditing, Risk and/or Vendor Management or a related field.
Preferred Qualifications
- A successful academic or work background demonstrating the ability to absorb information, apply conceptual skills in practical applications, and achieve desired results in a highly technical, operating environment.
- Strong analytical and problem-solving background; good project management skills with ability to multitask and manage multiple activities in a multi-functional environment.
- Must effectively deal with the rapid technological and business change while maintaining passion and displaying sound judgment and common sense.
Certifications preferred may include:
- ISC2 Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
The salary range for this position is $83,000 - $123,000 / year.
The hiring base salary range above represents what Avery Dennison reasonably expects to pay for this position as of the date of this posting. Actual salaries will vary within the range, and in some circumstances may be above or below the range, based on various factors including but not limited to a candidate’s relevant skills, experience, education and training, and location, as well as the job scope and complexity, responsibilities, and regular and/or necessary travel required for the position, which may change depending on the candidate pool. Avery Dennison reserves the right to modify this information at any time, subject to applicable law.
Additional Information
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veteran status or other protected status. EEOE/M/F/Vet/Disabled. All your information will be kept confidential according to EEO guidelines.
If you require accommodations to view or apply for a job, alternative methods are available to submit an application. Please contact (440)534-6000 or NA.TA.Operations@averydennison.com to discuss reasonable accommodations.
Tags: Audits Business Intelligence CISA CISM CISSP Compliance CRISC Governance Industrial Risk assessment Security assessment SOX Vendor management
Perks/benefits: Career development Flex hours Flex vacation Health care Medical leave Parental leave Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open CI/CD-related jobs