remote
Senior Manager, Information Security Governance, Risk & Compliance - Ryder System, Inc.
Software Engineer
Senior Manager leading a global team to execute IT risk, governance, compliance, and privacy programs, ensuring adherence to industry standards and protecting critical systems and data.
About the role
Job Seekers can review the Job Applicant Privacy Policy by clicking here .
Job Description :
- Lead a team of risk, compliance, and privacy experts who partner with global technology teams and business leaders in the execution of Ryder’s Information Security Management System.
- Lead the development and ongoing management of common control and risk management frameworks for measuring the organizational security posture based on industry, regulatory, and customer needs.
- Serve as a trusted partner to educate and collaborate on information security and risk management best practices with stakeholders in Corporate Compliance, Enterprise Risk Management, Internal Audit, Physical Security and Safety, Legal, and IT.
- Lead the development and ongoing management of global information security policies and corporate standards throughout the organization that align with industry guidance and result in effective methods to reduce security risks.
- Lead the development and management of a global third-party risk management program to evaluate new and existing vendors on a regular basis based on their criticality to the business.
- Lead the development and management of a global information security customer compliance program which facilitates the processes for handling customer requests for information security attestations, audits, on-site reviews, and remediation of security findings.
- Lead the development and management of a modern, engaging, global information security training and awareness program to provide ongoing information security education to all levels of the organization.
- Lead the development and management of an IT enterprise risk register to properly catalog, manage, communicate, and assess global IT risks.
- Provide information security due diligence assistance to global business partners as part of Ryder’s mergers and acquisitions program.
- Performs other duties as assigned.
- Strong verbal and written communication skillsa keen ability to explain complex technical and security concepts to non-technical business stakeholders and management
- Excellent time management, organization, and analytical skills
- Demonstrated ability to drive multiple projects to successful completion
- Demonstrated ability to educate, coach, and mentor individuals at all organizational levels on information security
- Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors)
- Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations advanced required
- Experience in risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy advanced required
- Bachelor's degree required Information Security, Computer Science, related field, or equivalent work experience
- Master's degree preferred