Job Summary

Global Security Policy Program Manager

The Policy Compliance Program Manager manages cyber security policy communication, development, and maintenance for the Global Security Organization. The program manager will be responsible for coordinating reviews, approvals, and timelines to ensure that policy is kept up to date and relevant to the current security environment. Drafts and coordinates approval for controls, standards, and policies to meet industry level expectations. Manages documentation to ensure compliance with business, regulatory, and customer requirements. Coordinates how policies are displayed, approved, and used within the organization. Creates marketing materials to educate and communicate policy topics to relevant organizations.

• Draft and manage policy documents for senior management review and approval

• Communicate directly with vice president and senior vice presidents to review and approve policy

• Plan, direct, manage and report metrics and key information to senior management on the status of the policy development program

• Plan and manage processes to develop, maintain, and manage policies and controls to ensure on time approvals and support to internal and external audits.

• Operate with minimal guidance, develop plans, and execute policy development in a dynamic environment

• Manage audit requests related to policies and ensure that company meets requirements

• Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred; equivalent combination of education and experience may be substituted in lieu of degree

• At least two (2) years of GRC (governance, risk, compliance) experience with methodologies, activities, tools, and enablers in a technology related industry and five (5) - seven (7) years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required

• Ability to demonstrate a strong understanding of various compliance and regulatory areas (e. g. GDPR, NIST 800-53, DFARS/NIST 800-171, ISO27001)

• Demonstrate the ability to develop and/or coordinate creating security standards and guidelines based on best practices and industry standards

• Excellent written, and verbal communication skills

• Strong analytical and problem-solving skills

• Familiarity with security auditing processes

• Information security related training or certifications such as CISSP or CRISC

• Experience with GRC tools (i.e. Archer, ServiceNow, AuditBoard)

• Technology writing experience