job summary: Position Objective:
Position holds the role of the Local Information Security Officer for North American affiliates, coordinating activities and compliance as identified by Porsche AG's Global Corporate Information Security Officer. Position leads information security governance for North America. This includes directing the processes and procedures that pertain to information security and the group information security directives.
The Information Security Manager would take on the tasks of ensuring data confidentiality, integrity, availability and authenticity. This will include vendor management, risk assessment, vulnerability management, regulatory compliance and reporting. She/he would need to guide business departments through the proper processes to ensure information security directives are met.
He/She will work across PCNA's IT teams to assist with project tasks. He/She will be responsible for providing deliverables, performing tasks, and keeping project leaders abreast of project status while ensuring that all project timelines are met. He/She will be required to have a deep understanding of how IT projects meet the needs of the business.
The Information Security Manager will need to work autonomously and provide direction and approval to business owners regarding data governance topics. He/She will need to present metrics and status upward and across the organization and liaise with North American sister companies. He/She will need to stay up to date with information security best practices and standard frameworks.
location: Atlanta, Georgia
job type: Permanent
salary: $115,000 - 120,000 per year
work hours: 7 to 3
responsibilities: Primary Responsibilities:
- Creates and proposes information security strategy and policies to Porsche executives and senior leadership teams
- Conduct vendor information security risk assessments and reviews per the locally developed process in compliance with the Porsche Information Security directives.
- Performs facility audits identifying information security risks, exposures and safeguards. Document risks, create recommendations and develop counter measures.
- Ensures compliance with legal requirements and Porsche policies in regards to information security; and advises the Director, Information Technology on anomalies and create monthly management reports.
- Coordinates the efforts of Porsche AG and North American subsidiaries to fulfill information security requirements.
- Conduct information security reviews of key vendors and all externally hosted and developed websites
- Develop and maintain a corporate information security awareness program
- Review and red line vendor agreements for compliance to information security standards
- Review vendor responses to self-assessments (audits)
- Responsible for the proper usage, awareness, and compliance of Porsche policies and procedures
- Support internal audit activities and oversee audit measure resolution tasks
Responsible for Porsche North America vulnerability management
qualifications: Qualifications: Education:
- Bachelor's degree in Computer Technology, MIS, or Computer Science; or the equivalent education, certification or relevant experience
- Preferred to have one of the following certifications
- CISSP, CISM, CISA, CompTIA Security+
- Deep understanding of industry accepted standards and frameworks (ISO 2700x, NIST, PCI)
- Strong multi-tasking skills with the ability to handle multiple priorities
- Proficiency with MS Office applications including Project and Visio
- Exceptional organizational skills
- Ability to work independently
- Excellent communication skills - both verbal and written
- Technical Knowledge - overall understanding of applied information technology
- Detail oriented
- Problem solving
- Information security industry best practices
- Vendor agreements
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.