About the Role

This role will be based either in the NJ Unilever office or the H&W offices in the Los Angeles area.

About UNILEVER

• We are a business that makes a real impact on the world with 3.4 billion people in over 190 countries using our products every day.
• Work on brands that are loved and improve the lives of our consumers and the communities around us.
• We are driven by our purpose: to make sustainable living commonplace, and it is our belief that doing business the right way drives superior performance.

Global Health & Wellbeing Team at UNILEVER

We are a start-up (less than 3 years old), focused on one of Unilever's largest growth opportunities – the $140bn Health & Wellbeing space defined by Vitamins, Minerals, and Supplements (VMS).

We work in an agile and entrepreneurial way, collaboratively within the team and with our Unilever colleagues around the world.

Our work includes:

• equilibra (Italy)
• US acquired brands Olly, LiquidIV, SmartyPants, Welly, Onnit and Nutrafol

Job Purpose

H&W is seeking an experienced Cybersecurity Lead responsible for protecting our business, leading the cybersecurity strategy and addressing the unique challenges posed by our hybrid model and the evolving digital landscape.

Main Responsibilities

1. Reporting directly to the Chief Information Officer, the Associate Director, Cybersecurity has responsibility for all data/information security policies, standards, evaluations, roles, and organizational awareness.
2. Managing privacy, data and information risks related to product development, technology solutions, crisis management, governance, risk, and compliance.
3. Accountable for building on the foundations and uplifting our top businesses to a strong cybersecurity position benchmarked against all acquired businesses.
4. Developing and implementing an effective policy compliance monitoring and enforcement program.
5. Maintaining current knowledge of applicable regulatory and compliance issues related to information security.
6. Implementing and overseeing an enterprise-wide information security strategy and program, including policies, consistent with applicable regulatory and compliance requirements.
7. Maintaining an accurate inventory and risk assessment for critical third parties and manage third-party risk effectively.
8. Implementing and managing the risk management program, including threat modelling, risk identification, and mitigation planning, and provide regular updates to executive management.
9. Preparing and presenting quarterly cybersecurity health reports to H&W leadership, covering top risks and recommendations.
10. Serving as the single point of contact for cybersecurity issues, ensuring a seamless and efficient communication channel between OpCos and Unilever cybersecurity.
11. Providing strategic and tactical security guidance for programs and projects that may involve security controls, including the evaluation of the enterprise architecture, hardware, software, and technical controls.

What You Will Need to Succeed

• 10 years of experience, with broad background information security and systems architecture.
• Experience operating within a shared services model and three lines of defence roles and responsibility's structure.
• Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
• Experience in implementing and monitoring IT General Controls in support of overall SOX audits.
• Experience with SIEM, CMMC, SOC, IAM, CCPA, and GDPR.

Critical SOL (Standards of Leadership) Behaviors

• Personal Mastery
• PASSION FOR HIGH PERFORMANCE
• Talent Catalyst
• Purpose & Service
• Consumer Love
• Business Acumen

About UNILEVER

UNILEVER is committed to diversity and inclusion to drive our business results and create a better future every day for our diverse employees, global consumers, partners, and communities.

We believe a diverse workforce allows us to match our growth ambitions and drive inclusion across the business.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, protected veteran status, or any other characteristic protected by local, state, or federal law and will not be discriminated against on the basis of disability.