[Hiring] Cybersecurity Governance, Risk and Compliance Manager @Little Caesars Pizza

Role Description

The Cybersecurity Governance, Risk, and Compliance Manager will drive and manage the enterprise-wide Governance, Risk, and Compliance capabilities regarding information management, risk management, policies & standards, and internal/external compliance. The manager will lead a team that will design, develop, document, and communicate Governance, Risk, and Compliance related policies, standards, and procedures and is a key enabler in driving consistency across LCE.

• Drive compliance leadership and engagement with the stakeholder operations teams to ensure the timely identification of cyber risk across markets as well as compliance with all appropriate regulatory requirements and internal cybersecurity policies and standards.
• Develop and implement a cybersecurity risk assessment framework/methodology, standards, guidelines, and procedures with KPIs and coordinate the assessment across all business verticals.
• Develop and oversee the adoption of a global cybersecurity policies and standards framework.
• Collaborate with Legal and Corporate Data Protection functions in the interpretation of regulatory requirements and compliance expectations.
• Lead the development of a high-value asset framework, information management controls to drive the proper application of security controls.
• Lead the development of and oversee a global cybersecurity training, education, and awareness program.
• Lead a strong team of professionals assigned to major initiatives ensuring dependable and responsive support to the organization.
• Maintain up-to-date, detailed knowledge of the IT security industry and share and educate colleagues to mature the organization.
• Develop and manage compliance metrics within the governance risk and compliance system.
• Responsible for hiring, training, performance management, and corrective actions for direct reports.

Qualifications

• Bachelors’ degree in Information Management, Information Security, Computer Engineering, Computer Science, or other closely related disciplines. Equivalent experience may be considered in lieu of a formal degree.
• Minimum of seven (7) years of experience in cybersecurity related functions, risk management, audit, risk assurance, compliance, or similar area.
• Minimum of four (4) years of progressive experience leading and managing a team building custom technical solutions and implementing third-party products.
• Extensive cybersecurity governance, risk management, and compliance leadership experience in a large complex business organization.
• Detailed working knowledge and prior experience in building and maintaining risk management framework, risk management processes, and associated reporting models.
• Experience developing and implementing third-party risk management frameworks and processes.
• Experience and familiarity with cloud data security and working with public cloud solutions.
• Experience working with a Governance Risk and Compliance tool.
• Experience identifying, evaluating, and managing risk in a complex and changing global environment.
• Experience developing or leading impactful cybersecurity awareness materials and campaigns at a global level.
• Prior experience developing security standards and policies and discerning and designing an organization’s protection needs.
• Experience with asset management.
• Demonstrated ability to prioritize and execute tasks in a high-pressure environment.
• Requires self-motivated approach to work with keen attention to detail.
• A proactive goal achiever who innovates to go above and beyond expectations.
• At least one of the following certifications is required or must be obtained within your first 12 months of employment: CISA, CISM, CRISC, or CISSP.
• Deep understanding of cybersecurity and the relationship between threat, vulnerability, and information value.
• Knowledge of current industry methods for evaluating, implementing, and disseminating IT security tools and procedures.
• An understanding of emerging technology and digital trends and their impacts on cybersecurity.
• High proficiency with common cybersecurity management frameworks, regulatory requirements, and industry leading practices.
• Strong knowledge of third-party management leading practices and the potential cybersecurity risks involved in third-party relationships.
• Strong knowledge of organizational training and education policies, processes, and procedures.
• Deep understanding of risk-based decision-making.
• Experience with technical documentation related to PCI DSS, ISO 27001, NIST, SOC 2 and continuous monitoring.
• Demonstrate strong verbal and written communication skills as well as strong analytical and problem-solving abilities.
• Strong process design, time management and organizational skills.
• Strong work ethic, leadership skills, initiative, and ownership of work.
• Proven ability to build consensus and support across the organization.
• Proven ability to communicate complex information, concepts, or ideas in a confident and well-organized manner.

Benefits

• A state-of-the-art building with a modern-day, open environment in the heart of The District Detroit.
• A colleague fitness center, work café and an outdoor patio with grills.
• Over 60 different meeting spaces to help promote a collaborative environment.