Job Location
San José
Job Description
The Information Security Governance, Risk, and Compliance (GRC) Organization at Procter & Gamble is responsible for risk identification, assessment, and remediation across the IT landscape, as well as driving automated governance and compliance breakthroughs. We are looking for experienced GRC Leaders with a passion to creatively solve problems, automate compliance processes, and lead risk for the company. This role would focus on the Technical Security Management policy area.
Responsibilities:
Transform the Technical Security Management policy area to be risk-based, meeting all GRC requirements.
Stay up-to-date with how current events, security focus areas, and the regulatory environment may impact P&G’s compliance processes
Gain and sustain a broad in-depth knowledge of security control, compliance, and auditing frameworks and apply these to the leadership of Information Security projects and processes
Consult and advise regarding security compliance requirements pertaining to applicable laws, regulations, and other governance requirements
Conduct ongoing risk assessments and develop and execute risk-response plans to address high-risk areas. Measure, report, and explain IT risks to stakeholders.
Own, assess, create, and update Information Security policies, standards, and controls, and support P&G in effectively implementing these across the global IT organization
Manage policy strategy, development, deployment, training, enhancement, and maintenance across the policy lifecycle and align top priorities with Information Security Leadership
Collaborate with IT Operations Teams to ensure alignment to controls and procedures. Consult with cross-functional stakeholders on risks relevant to their processes.
Monitor the effectiveness of security controls and identify gaps in compliance. Analyze control measurements for negative trends and reoccurrence frequency.
Collaborate with Application Managers on new technologies being leveraged in P&G’s IT environment to support their secure use through the creation of relevant governance frameworks and processes
Lead Information Security projects and initiatives that improve compliance across the organization
Collaborate with internal/external auditors on compliance audits, audit findings, and issue remediation
Contribute to the continuous improvement of the risk and compliance mindset across P&G. Build IT risk awareness by providing support and training to others.
Success Criteria:
Updated risk map and risk register, taking into consideration the external environment, industry trends, corporate business plans, and IT strategy
Clear, aligned, funded, on-track action plans to reduce company risk
Automated measurements of security compliance across the enterprise, with targeted interventions defined for areas of non-compliance
Collaborative interactions with internal/external auditors resulting in accurate audit results and meaningful next-steps to drive continuous improvement
Active participation with security groups to continuously benchmark P&G’s policy strategy to gain insights on industry best practices
Job Qualifications
Qualifications (Required):
Bachelor’s degree in Computer Science, Computer Systems Engineering, Industrial Engineering, Business Management Information Systems, Software Development, Cyber Security, or related field
English B2+
5+ years of relevant experience in Governance, Risk, and Compliance roles (e.g. Risk Manager, Risk Analyst, Compliance Manager, Auditor)
Experience with IT Governance processes such as policy management and implementation, monitoring and reporting of compliance results, and identification and escalation of risks
Ability to influence and build relationships with business unit stakeholders, external service providers, and architecture teams
The ability to work independently, collaborate, and learn quickly
Technical experience with operating systems, platforms, and cloud is highly recommended.
Qualifications (Preferred Skills):
Certified in ISACA CRISC, CGEIT, CISA, and/or CISSP (or willing to attain certification within the first 12 months of employment)
What we offer!
We’ll give you responsibilities as of Day 1 – you will feel the ownership of your project from the beginning, and you will be given specific projects and responsibilities
You’ll have continuous mentorship – you will work with passionate people and receive both formal training as well as day-to-day mentoring from your manager
We offer you the opportunity to work in and be part of a dynamic and supportive environment
We promote agility and work/life balance for employees, we value every individual and support initiatives, promoting.
We love flexibility. You can arrange your work schedule based on your personal needs.
We will let you experience true support for work/life effectiveness and your long-term well-being.
We will give you a competitive salary and benefits package.
Job Schedule
Full time
Job Number
R000086404
Job Segmentation
Experienced Professionals (Job Segmentation)