Security Process Control Specialist

Position Summary:

This role will report to the Director Global Security Governance & Awareness within Global Information & Cybersecurity. As part of the security governance & awareness team, this role will help with driving and improving the Global Information Cyber Security program and Global Technology document management program, processes, and security awareness activities.

Job Responsibilities:

• Analyze, manage, facilitate and oversee the creation, review and update of Global Information & Cyber Security and Global Technology policies, standards, and procedures. Collaborate with subject matter experts to address new requirements and emerging business needs in a secure manner.
• Manage the document management process for policies, standards, SOPs, and supporting documentation, including flowcharts and presentations.
• Facilitate bi-weekly Policy & Standards Working Group (PSWG), which involves policy, standard and exception approals, as well as all updates on the security awareness program.
• Coordinate and manage agendas and content for the Policy and Standards Working Group, the GICS Council, and applicable Process Advisory Groups (PAGs).
• Manage the policy framework process and policy compliance metrics. Produce monthly metrics related to the policy framework, as well as a process scorecard quarterly. Track and provide monthly metrics on all document management processes.
• Ensure that all applicable policies are translated to the appropriate languages using ADM preferred vendors and publish all documents to SharePoint.
• Support the development and implementation of security awareness program training, materials, and events.
• Tracking of expenditures against allocated security awareness and translation budgets
• Manage content on the Sharepoint sites.
• Work with Corporate Communications, and all available avenues for all security awareness communications regarding, policies and standards updates, security awareness promotions, security awareness month and any other security related communication needs.
• Support execution of security and technology assessments for customers, 3rd parties, applications, technology, and vendors as part of the security program for all technology related inquiries.
• Compile, review, and analyze information to formulate recommendations, metrics, and reports for management review and decision making.
• Support partnership with GT Risk Assurance to ensure visibility, smooth handoffs and constant communication.
• Develop and maintain documentation, process flows and organization for all GICS Governance processes.
• Support all cyber regulatory compliance efforts across all of ADM as needed.
• Monitor and report compliance for the document review process.
• Develop documented materials to ensure successful collaboration, communication and implementation of internal projects.
• Support cross-functional initiatives to continually drive the consistency of documentation standards.
• Maintain accurate records to efficiently support the governance of current, and future documents.
• Develop and conduct clear and effective training as required to support document management efforts and process improvement.
• Develop and manage clear and effective project management materials to ensure that initiatives remain on-scope, in budget and on-schedule.
• Perform functions in a timely manner and with extreme level of attention to detail, urgency and thoroughness.
• Collaborate with key business units and capability stakeholders, including, but not limited to, Risk, Privacy, IT, Internal Audit, InfoSec, Corporate Security, and HR to develop and improve Information Governance documentation and communications with the enterprise.

Required Skills:

• Mastery of current American or British English as applied to document management and the creation of training materials.
• Expert knowledge of the Microsoft Office suite (Word, PowerPoint, Excel, Outlook) and Visio.
• Minimum of 5 years of experience in document management and process improvement.
• Experience with document management solutions.
• Knowledge and experience with process flows, process documentation and solid understanding of a process focus in an organization.
• Experience working with SharePoint to update internal site as needed, and publish policies, standards and security awareness events.
• Ability to work and communicate cross-functionally within and outside the organization .
• Minimum of 2 years of experience with developing clear, concise documented materials .
• Applies sound judgment and creativity to solve complex problems.
• Ability to excel in a rapidly changing environment.
• Strong verbal and written communication skills; ability to drive discussions and influence decision making; strong presentation and reporting skills. Proficient in technical writing and leveraging various creative mechanisms to communicate to diverse audiences .
• Ability to communicate with and create documentation for technical and non-technical audiences
• Ability to set priorities, meet deadlines and handle multiple initiatives.
• Critical thinking and problem-solving skills.
• Strong leadership and communications skills.
• Limited, very little travel required.

Desired Skills:

• Minimum of 2 years of project management experience
• Security knowledge and experience with NIST CSF and ISO 27001/27002.
• Experience with development materials to support training and User Guides to support Security Awareness Program.
• Experience with developing and conducting effective training materials
• Ability and the experience to produce and automate metrics for policy compliance using tools such as Power BI.
• Active project management, process improvement, or document management certification.
• Knowledge of one or more languages other than English (e.g., German, Dutch, Spanish, Portuguese, French) and technical knowledge of structuring English for ease of translation.
• Experience with technical writing, and/or policy and procedure documentation
• Knowledge of, or demonstrated ability to learn, cyber and regulatory requirements to support document management and process improvement for GRC business needs.
• Knowledge of SharePoint site management.

Education Requirements:

BA/BS degree or higher or equivalent experience