What are the responsibilities and job description for the Information Security Manager - Governance, Risk & Compliance position at Axalta?
Axalta is searching for an Information Security - Governance, Risk & Compliance Manager to join our team in the Philadelphia, PA area.
The Information Security - Governance, Risk & Compliance (GRC) Manager will serve as a strategic leader, driving the development, operation, and continuous improvement of the organization's global security GRC program. This role entails managing cybersecurity risk, ensuring IT audit and compliance requirements are met, overseeing supplier / vendor security reviews, and aligning the security governance and controls program with best practices and regulatory frameworks. The GRC Manager will collaborate extensively with other security and technology teams, Internal / External Audit, as well as business and leadership stakeholders.
In this role you will:
- Provide hands-on management of all aspects of Security Governance, Risk & Compliance services, capabilities, staff, and third-party relationships.
- Own the IT Compliance, Audit, & Risk Assessment service portfolio for the Information Security program, driving the annual plan for each in a strategic manner, and ensuring high quality outcomes.
- Perform a range of risk assessment activities, including enterprise-wide, business unit, asset, or control framework / standards (e.g. ISO 27001, NIST CSF, CIS) based assessments, and present findings to both technical and business audiences.
- Analyze technologies and business requirements to establish highly effective processes, policies, standards, guidelines, and procedures so that comprehensive protection exists for a safe, secure, and resilient technology environment and information assets.
- Oversee the execution of the IT General Controls framework supporting Sarbanes-Oxley requirements. This includes functioning as the primary liaison with Internal and External Audit as well as Control Owners for control design, operation, testing, and remediation planning.
- Own the management of the security risk register, ensuring risk is appropriately tracked, and remediation strategies are documented.
- Manage the security metrics and reporting program, developing standard update reports, scorecards, and trend summaries to communicate the performance and health of the security program at regular intervals to leadership stakeholders.
- Participate in leading Security Awareness activities for the organization.
- Develop and maintain security controls, policies and capabilities as part of the Information Security Framework with ability to map / crosswalk controls between frameworks / standards (ISO 27001, NIST CSF, CIS).
- Manage third party, vendor and supplier security risk management and contractual activities in conjunction with Legal, Procurement, Purchasing and Supply Chain teams.
- Participate in all phases of the SDLC and project life cycles as needed for corporate initiatives (design, build and operate), ensuring technology initiatives align and comply with internal security policy and standards, as well as support relevant controls from standards / frameworks including Sarbanes-Oxley, ISO 27001, CIS, and NIST CSF.
Qualifications: Required:
Our Company:
Axalta has remained at the forefront of the coatings industry by continually investing in innovative solutions. We engineer technologies that protect customers' products - whether they are battling heat, light, corrosion, abrasion, moisture, or chemicals - and add dimension and beauty with colorful finishes. We have a vast and ever-evolving portfolio of brands primed to play an important part in everything from modernizing infrastructure around the world to enabling the next generation of electric and autonomous vehicles.
Axalta operates its business in two segments: Performance Coatings and Mobility Coatings, which serve four end markets, including Refinish, Industrial, Light Vehicle and Commercial Vehicle, across North America, EMEA, Latin America and Asia-Pacific. Our diverse global footprint allows us to deliver solutions in over 140 countries and coat 30 million vehicles per year. We've recently set an exciting 2040 carbon neutrality goal, in addition to 10 other sustainability initiatives, and we take pride in working with our customers to optimize their businesses and achieve their goals.
1.2 - First / Mid Level Officials and Managers (EEO-1 Job Categories-United States of America)