Vacancy expired!
Plant Name: Atlanta Headquarters Requisition ID:005689 Mauser Packaging Solutions is a global leader in solutions and services across the packaging life-cycle, providing large and small metal, plastic, fiber and hybrid packaging worldwide to companies in industries from food, beverage, personal care and pharmaceuticals to chemicals, petrochemicals, agrochemicals and paints. Bringing together the very best of its four legacy companies- BWAY, MAUSER Group, NCG and ICS-Mauser Packaging Solutions offers its customers true sustainability at scale. Job Description As the Manager of Information Security Risk and Compliance, you will lead and motivate a cross-functional team of members in the development and implementation of compliance solutions. You will engage with leaders across the enterprise on matters ranging from implementation of risk policy to monitoring of 1st line control execution and management of remediation activities. This function includes, but is not limited to, independently performing complex and often unique work assignments and problem resolution within an enterprise projects and functions. You will serve as the subject matter expert to ensure documents, projects, processes, and product initiatives comply with regulatory and legal requirements and enterprise policy. The position will work closely with both Enterprise Risk Management and the business areas to ensure there is a consistent and common approach to implementation of risk management activities. The scope of services will include working with the Information Technology, Identity and Access Management and Cyber Risk Monitoring and Compliance functions. Duties Develops and maintains a consistent, repeatable process for identifying risks, qualitatively and quantitatively risk assessments, determining risk treatment, and managing associated findings and remediation plans. Scope of risk management domain includes, but is not limited to, asset risk management, third party risk management, and vulnerability risk management. Develops and reports security risk and compliance metrics for the enterprise, departments, processes, and individual assets. Collect and manage monthly KRI data; analyze and facilitate discussion with the business areas. Develops information security policies, standards, procedures, and guidelines in accordance with the overarching Information Security Risk Framework. Supports ongoing compliance activities and monitoring efforts across applicable Regulations and Standards (e.g. HIPAA, SOX, GDPR, etc.). Serves as a GRC subject matter expert for information risk by supporting complex analysis and leading risk management capability improvement. Manages policy exceptions, identifies rationale and risks in support of exception requests, weighs effectiveness of compensating controls, and makes recommendations around exception requests. Influences technical and strategic direction of the Risk Management and Compliance program. Develops, designs and delivers compliance strategies to influence business leadership on effective solutions. Maintains and expands expert knowledge of the competitive/regulatory landscape and the company's key challenges. May coordinate and respond to regulatory requirements and requests and ensures the execution of examinations. Executes compliance risk management activities in accordance with enterprise compliance standards. Serves as the technical expert regarding compliance laws and regulations and provides direction to others on complex issues. Responsible for the design and build of Risk solutions and frameworks. Defines information security controls that support risk assessments and support the development of secure architectures. Ensure program alignment with the overall business strategy. Provide security risk consulting services internally to the organization by giving security guidance and functioning as an information security subject matter professional. Includes security an
