The Information Security Governance and Compliance Manager is responsible for driving governance and compliance at Southern Glazers Wine and Spirits (SGWS) as part of the Information Security program. In this role, you’ll oversee the development and lifecycle management of governance items such as policies, standards, controls, and compliance frameworks. You’ll also conduct and oversee risk-based compliance testing of internal controls, application controls, infrastructure systems, and information technology processes. This position offers the opportunity to craft program roadmaps, resource planning, and capability enhancements to drive growth and maturity of the ever-important governance and compliance program. You’ll work closely with teams within the Information Technology department, as well as general business areas.
This position reports to the Director of Information Security Governance, Risk, and Compliance.
Strong knowledge of cybersecurity governance, regulations, and security frameworks
Demonstrated understanding of a wide range of compliance and technology frameworks (NIST Cybersecurity Framework (CSF) and 800-53, ISO 27001 & 27002, Cloud Security Alliance (CSA), OWASP, CIS Benchmark, etc.)
Ability to understand new laws and regulatory requirements and how they relate to company risk, information security, governance, and compliance
Proficient in developing and maintaining governance items such as policies, standards, and controls
Expert-level skill in executing compliance control testing programs and processes
Strong understanding of the implementation of effective control and/or mitigation options to manage security risks
Skill in leading the process of Issues Management and associated remediation efforts
NIST CSF Self-Assessment
Leadership and Soft Skills
Exceptional consultative and interpersonal skills that result in business relationships of impeccable trust, confidence, and results at all levels within the organization
Skilled at managing high-performing teams of GRC analysts
Implementing and using GRC/IRM tools to manage GRC processes (experience with ServiceNow GRC/IRM a plus)
Knowledge of cloud security concepts and best practices
Skilled in the understanding of IT systems and supporting technologies
Southern Glazer's Wine and Spirits provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.