Posted: 12/18/2024, 11:31:22 PM
Location(s): Wayne, New Jersey, United States ⋅ New Jersey, United States
Experience Level(s): Senior
Field(s): IT & Security
Workplace Type: Hybrid
In this role, you will lead the Governance, Risk, and Controls (GRC) function within the Information Security Team. You will develop and maintain our global organization's information security policies, assess compliance (internal and external), and deliver security awareness programs across the entire company. You will also assess, communicate, and manage information security risks in a structured framework.
Your responsibilities:
Manage the information protection policy process, including ongoing process improvements
Identify the need for new or updated policies, and draft their content
Advise and consult with internal and external entities regarding information security policy issues
Actively manage and participate in audit readiness and audit conduct activities, including internal self-assessment, and continually improve these processes
Escalate and expedite potential compliance and audit issues
Liaise with internal and external auditors
Liaise with related functions such as Physical Security, Legal, HR, and IT
Manage information security reviews for third-party providers
Regularly measure compliance with internal and external requirements and frameworks
Build and maintain an information security risk management framework
Proactively identify risks and propose remediation activities and risk treatments
Measure and report on all information security risk, policy, compliance, and audit items
Build and maintain the overall Information Security Scorecard
You're a great fit, if you:
Have 5+ years of relevant experience in a similar position within Information Security, with a focus on governance, risk management, and compliance
Demonstrate experience in developing and implementing IT security policies, procedures, and standards
Have a proven track record of conducting risk assessments and managing IT security risks
Possess relevant security certifications such as CISSP, CISM, or CISA
Are proficient in designing and implementing security controls and measures
Have experience with security frameworks and best practices
Possess strong knowledge of global regulatory requirements and industry standards (e.g., GDPR, ISO 27001, NIST)
Demonstrate the ability to collaborate effectively with various departments and stakeholders, including external providers
Are familiar with OneTrust (desired), MS Office
Hold a bachelor's degree or equivalent work experience
Speak fluent English
We offer:
A chance to shape GRC policies within a global organization
Being part of a fast-growing, dynamic company, one of the leading global packaging manufacturers
Fast-paced, challenging environment with great professional growth opportunities
Collaborative culture with strong quality and innovation focus
Flexible hybrid work arrangement (2 days/week in the office preferred)
If you are a current CANPACK employee, please apply through your Workday account.
CANPACK Group is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, age, sex, sexual orientation, gender identity, national origin, disability, or any other characteristic protected by law or not related to job requirements, unless such distinction is required by law.
Website: https://canpack.com/
Headquarters Location: Krakow, Malopolskie, Poland
Employee Count: 5001-10000
Year Founded: 1992
IPO Status: Private
Industries: Consulting ⋅ Food and Beverage ⋅ Manufacturing ⋅ Packaging Services