WHAT TO EXPECT
This is a great opportunity for an Information Security Governance and Compliance Manager to join JLR's Information Security Governance, Risk, and Compliance department, which is responsible for protecting the company's digital landscape while ensuring regulatory compliance.
As the Information Security Governance and Compliance Manager, you will oversee all aspects of developing and implementing comprehensive risk management and compliance strategies, collaborating closely with senior leadership, internal teams, and third parties to align Governance, Risk, and Compliance initiatives with JLR's business objectives. Furthermore, you will lead the effort to help our stakeholders identify their security concerns and then describe, plan, and implement initiatives to improve their security posture.
This is an exceptional chance to work in a dynamic, growing team and play a critical role in protecting JLR's information assets globally.
Key Accountabilities and Responsibilities:
1. Oversee and lead the Information Governance and Compliance strategy and contribute to the development of the overall processes and artefacts (e.g., policies, standards, KPIs).
2. Set the internal and external benchmarks of compliance for JLR ICS.
3. Create and provide security governance and compliance metrics and reports to management.
4. Develop, implement, and maintain governance frameworks (e.g., IT project governance, Connected Car, supplier/vendor security).
5. Collaborate with business domains, internal/external audits, and third parties to create and implement cross-organisational security governance and compliance processes.
6. Receive, manage, and progress governance and compliance tickets/business queries.
7. Support IT and the business in adhering to documented ICS policies, standards, and procedures, providing education and awareness across the organisation and external stakeholders.
WHAT YOU'LL NEED
1. Comprehensive knowledge of external compliance requirements.
2. Previous experience in defining information security procedures, functions, and practices based on industry best practices.
3. Strong written and oral communication skills, as this role will interface with business leaders and third-party vendors and must adapt content to suit technical and non-technical audiences.
4. Strong conceptual understanding of information security frameworks and standards such as ISO 27001, NIST CSF, SCF, COBIT, and GDPR.
5. Strong project management and vendor management skills.
6. Experience with Agile methodologies (e.g., SAFe, SCRUM).
7. Previous experience within a similar role in highly regulated businesses.