Vacancy expired!
Job Description
Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
You work with the information security team as a competent and experienced information security and compliance leader.
How you will contribute
You will assess information security risks in line with internal policies and external best practices and determine the requirements for securing Mondelēz International information and IT assets. In addition, you will develop security standards and policies; advise technical teams when they develop relevant procedures or have operational security questions; and review and consult with them on the compliant and effective use of common tools. You will also keep business stakeholders apprised of the overall security and compliance roadmap, provide training on information security to appropriate teams, and develop security strategies, architectures and roadmaps across processes and technologies.
What you will bring
- Oversee development and maintenance of the Line of Business security risk portfolio to feed investment decisions, mitigation plans, and enterprise risk management
- Facilitate and manage risk assessments and workshops to identify and catalog risk across BUs
- Engage and partner with executives across lines of business/BUs
- Guide and support on building a third party information security risk management framework
- Oversee a mechanism in which the security risk managers partner with the business to ensure a proactive and anticipatory approach to third party management.
- Provide strategic leadership and assist in the development of multi-year organizational plans in line with company strategy
- Support project managers in third party risk management to ensure policies are incorporated correctly and the 3rd party risk management frameworks are preserved
- Oversee development of the security strategy for each policy focus area
- Manage facilitation and tracking of compliance activities and management action plans
- Oversee collection and tracking of high level roll up data from compliance assessments and findings from Control Assessors
- Oversee development and maintenance of centralized role catalogue
- Align organizational goals to strategic company goals and objectives. Translate goals into meaningful, measurable, and actionable strategy for department.
- Communicate department objectives and organizational activities to executive management
- Working knowledge of Risk Management and/or Audit programs with demonstrated understanding of IT and Information Security frameworks (e.g. NIST CSF, ISO 27001, COBIT)
- Understanding and technical knowledge of key risk management concepts, including but not limited to, security risk management, information security consulting, third party management, software security, and security architecture.
- Demonstrable strong management skills, the ability to develop, mentor and coach others.
- Strong written and oral executive communication, including up to the C-level.
- Experience in working in large or federated enterprises, preferably in the Consumer Products and FMCG industries.
- Ability to describe cyber risk from an operating perspective to provide consulting guidance and build relationships.
- Strong technical understanding of SOX and the processes/steps taken to automate them.
- Ability to design and evaluate processes to build security mindset and review processes for ongoing improvement to mitigate risks.
- Strong understanding of risk, compliance and ability to define and operationalize cybersecurity processes.
- Ability to delegate work to team members and provide clear and effective guidance on implementation of processes.
- Experience in the implementation and/or management of Risk and Compliance (GRC) technologies and supporting processes.
- Professional certifications are a plus:
- Certified Information Systems Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- Certified in the Governance of Enterprise IT (CGEIT)
- Certified Information Systems Auditor (CISA)
- Certified Protection Professional (CPP)
- Bachelor's Degree Required