Job Description: The Raytheon Intelligence & Space (RI&S) business is seeking an experienced federal compliance leader to lead a team in all aspects of federal cybersecurity risk, audit and compliance processes. The Director - Federal Risk & Compliance will be responsible for ensuring the RI&S network, programs, global sites and subsidiary security controls and processes are architected and designed in a manner to ensure continuous compliance with all federal policies, standards, regulations, procedures and applicable laws. The Director will be responsible for engaging with Enterprise Services, RI&S business product line leaders, program leaders, subsidiaries, global sites and process owners on the documentation, evaluation, and monitoring of the appropriate federal cybersecurity controls across the RI&S computing environment. The ideal candidate will also have experience in both compliance and operational audits, as well as prior hands-on cybersecurity experiences in the defense industry and/or federal agencies. Key Responsibilities: * Manage and lead a team of IT security and compliance experts responsible for identifying and driving the RI&S business cybersecurity standards and processes needed to continuously comply with federal regulatory and legal standards along with their associated reporting requirements. * Establish and maintain a program to track and monitor ATO and POAM completion to ensure timely execution of processes and plans to maintain compliance standards. * Develop strategic roadmaps for capabilities and services to achieve RI&S federal compliance standards and authorizations (ATOs) at the speed of the business. * Coordinate and support audit activities of the RI&S computing environment, focused on DoD and federal security controls, with process and control owners and internal/external auditors * Assist process and control owners to understand cybersecurity related assessments and audit results, identify remediation options, prioritize and see them through to completion * Assist in the development of appropriate security documentation, including system security plans, information security policies and procedures to ensure compliance with government, legal, and regulatory standard requirements * Assist product line and program leaders in assessing compliance impacts to systems and applications * Stay abreast with current & emerging industry related IT security federal regulations, and compliance standards. * Support RI&S and RTX participation in security forums and standards working groups. Qualifications: * 14+ years of progressive cybersecurity or compliance experience with a B.S. degree in Science, Technology, Engineering or Mathematics (STEM) or ten years of progressive cybersecurity or compliance experience, and an M.S./M.A. degree. * Network architecture experience with advanced knowledge of network technologies/protocols and computer security concepts in a large scale networking environment. * Experience with operational, compliance, and IT security audit functions including NIST 800-53, NIST 800-37, NIST 800-171, and ISO 27001, or COBIT. * Strong comprehension of Information Security concepts and practices including vulnerability and compliance tools and processes, awareness of vulnerabilities, emerging threats, and the ability to map adversarial tactics to effective controls. * Demonstrated ability to lead, manage and be fully accountable for a geographically dispersed virtual team supporting a fast-paced work environment. * Good social, verbal, and written communication skills, with demonstrated ability to develop and effectively communicate cybersecurity matters and processes to senior management and executive audiences. * Strategic planning experience including documenting workflows, developing service roadmaps and future state plans. * Strong deductive reasoning, critical thinking, problem solving, and prioritization skills. * Certified security expert - CISSP or CISM and CISA. * Existing Secret clearance required Desired Qualifications: * Understanding of cloud-based IT systems or hybrid cloud delivery models designing, developing in, or transitioning systems and processes to the cloud * Understanding of developing, testing, implementing, and maintaining complex applications and/or databases including web applications and interfaces * Six Sigma and / or Lean certification This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.185277 Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender orientation, gender identity, national origin, disability, or protected Veteran status.
09/25/2021
Full time
Job Description: The Raytheon Intelligence & Space (RI&S) business is seeking an experienced federal compliance leader to lead a team in all aspects of federal cybersecurity risk, audit and compliance processes. The Director - Federal Risk & Compliance will be responsible for ensuring the RI&S network, programs, global sites and subsidiary security controls and processes are architected and designed in a manner to ensure continuous compliance with all federal policies, standards, regulations, procedures and applicable laws. The Director will be responsible for engaging with Enterprise Services, RI&S business product line leaders, program leaders, subsidiaries, global sites and process owners on the documentation, evaluation, and monitoring of the appropriate federal cybersecurity controls across the RI&S computing environment. The ideal candidate will also have experience in both compliance and operational audits, as well as prior hands-on cybersecurity experiences in the defense industry and/or federal agencies. Key Responsibilities: * Manage and lead a team of IT security and compliance experts responsible for identifying and driving the RI&S business cybersecurity standards and processes needed to continuously comply with federal regulatory and legal standards along with their associated reporting requirements. * Establish and maintain a program to track and monitor ATO and POAM completion to ensure timely execution of processes and plans to maintain compliance standards. * Develop strategic roadmaps for capabilities and services to achieve RI&S federal compliance standards and authorizations (ATOs) at the speed of the business. * Coordinate and support audit activities of the RI&S computing environment, focused on DoD and federal security controls, with process and control owners and internal/external auditors * Assist process and control owners to understand cybersecurity related assessments and audit results, identify remediation options, prioritize and see them through to completion * Assist in the development of appropriate security documentation, including system security plans, information security policies and procedures to ensure compliance with government, legal, and regulatory standard requirements * Assist product line and program leaders in assessing compliance impacts to systems and applications * Stay abreast with current & emerging industry related IT security federal regulations, and compliance standards. * Support RI&S and RTX participation in security forums and standards working groups. Qualifications: * 14+ years of progressive cybersecurity or compliance experience with a B.S. degree in Science, Technology, Engineering or Mathematics (STEM) or ten years of progressive cybersecurity or compliance experience, and an M.S./M.A. degree. * Network architecture experience with advanced knowledge of network technologies/protocols and computer security concepts in a large scale networking environment. * Experience with operational, compliance, and IT security audit functions including NIST 800-53, NIST 800-37, NIST 800-171, and ISO 27001, or COBIT. * Strong comprehension of Information Security concepts and practices including vulnerability and compliance tools and processes, awareness of vulnerabilities, emerging threats, and the ability to map adversarial tactics to effective controls. * Demonstrated ability to lead, manage and be fully accountable for a geographically dispersed virtual team supporting a fast-paced work environment. * Good social, verbal, and written communication skills, with demonstrated ability to develop and effectively communicate cybersecurity matters and processes to senior management and executive audiences. * Strategic planning experience including documenting workflows, developing service roadmaps and future state plans. * Strong deductive reasoning, critical thinking, problem solving, and prioritization skills. * Certified security expert - CISSP or CISM and CISA. * Existing Secret clearance required Desired Qualifications: * Understanding of cloud-based IT systems or hybrid cloud delivery models designing, developing in, or transitioning systems and processes to the cloud * Understanding of developing, testing, implementing, and maintaining complex applications and/or databases including web applications and interfaces * Six Sigma and / or Lean certification This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.185277 Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender orientation, gender identity, national origin, disability, or protected Veteran status.
Job Description: The Raytheon Intelligence & Space (RI&S) business is seeking an experienced federal compliance leader to lead a team in all aspects of federal cybersecurity risk, audit and compliance processes. The Director - Federal Risk & Compliance will be responsible for ensuring the RI&S network, programs, global sites and subsidiary security controls and processes are architected and designed in a manner to ensure continuous compliance with all federal policies, standards, regulations, procedures and applicable laws. The Director will be responsible for engaging with Enterprise Services, RI&S business product line leaders, program leaders, subsidiaries, global sites and process owners on the documentation, evaluation, and monitoring of the appropriate federal cybersecurity controls across the RI&S computing environment. The ideal candidate will also have experience in both compliance and operational audits, as well as prior hands-on cybersecurity experiences in the defense industry and/or federal agencies. Key Responsibilities: * Manage and lead a team of IT security and compliance experts responsible for identifying and driving the RI&S business cybersecurity standards and processes needed to continuously comply with federal regulatory and legal standards along with their associated reporting requirements. * Establish and maintain a program to track and monitor ATO and POAM completion to ensure timely execution of processes and plans to maintain compliance standards. * Develop strategic roadmaps for capabilities and services to achieve RI&S federal compliance standards and authorizations (ATOs) at the speed of the business. * Coordinate and support audit activities of the RI&S computing environment, focused on DoD and federal security controls, with process and control owners and internal/external auditors * Assist process and control owners to understand cybersecurity related assessments and audit results, identify remediation options, prioritize and see them through to completion * Assist in the development of appropriate security documentation, including system security plans, information security policies and procedures to ensure compliance with government, legal, and regulatory standard requirements * Assist product line and program leaders in assessing compliance impacts to systems and applications * Stay abreast with current & emerging industry related IT security federal regulations, and compliance standards. * Support RI&S and RTX participation in security forums and standards working groups. Qualifications: * 14+ years of progressive cybersecurity or compliance experience with a B.S. degree in Science, Technology, Engineering or Mathematics (STEM) or ten years of progressive cybersecurity or compliance experience, and an M.S./M.A. degree. * Network architecture experience with advanced knowledge of network technologies/protocols and computer security concepts in a large scale networking environment. * Experience with operational, compliance, and IT security audit functions including NIST 800-53, NIST 800-37, NIST 800-171, and ISO 27001, or COBIT. * Strong comprehension of Information Security concepts and practices including vulnerability and compliance tools and processes, awareness of vulnerabilities, emerging threats, and the ability to map adversarial tactics to effective controls. * Demonstrated ability to lead, manage and be fully accountable for a geographically dispersed virtual team supporting a fast-paced work environment. * Good social, verbal, and written communication skills, with demonstrated ability to develop and effectively communicate cybersecurity matters and processes to senior management and executive audiences. * Strategic planning experience including documenting workflows, developing service roadmaps and future state plans. * Strong deductive reasoning, critical thinking, problem solving, and prioritization skills. * Certified security expert - CISSP or CISM and CISA. * Existing Secret clearance required Desired Qualifications: * Understanding of cloud-based IT systems or hybrid cloud delivery models designing, developing in, or transitioning systems and processes to the cloud * Understanding of developing, testing, implementing, and maintaining complex applications and/or databases including web applications and interfaces * Six Sigma and / or Lean certification This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.185277 Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender orientation, gender identity, national origin, disability, or protected Veteran status.
09/22/2021
Full time
Job Description: The Raytheon Intelligence & Space (RI&S) business is seeking an experienced federal compliance leader to lead a team in all aspects of federal cybersecurity risk, audit and compliance processes. The Director - Federal Risk & Compliance will be responsible for ensuring the RI&S network, programs, global sites and subsidiary security controls and processes are architected and designed in a manner to ensure continuous compliance with all federal policies, standards, regulations, procedures and applicable laws. The Director will be responsible for engaging with Enterprise Services, RI&S business product line leaders, program leaders, subsidiaries, global sites and process owners on the documentation, evaluation, and monitoring of the appropriate federal cybersecurity controls across the RI&S computing environment. The ideal candidate will also have experience in both compliance and operational audits, as well as prior hands-on cybersecurity experiences in the defense industry and/or federal agencies. Key Responsibilities: * Manage and lead a team of IT security and compliance experts responsible for identifying and driving the RI&S business cybersecurity standards and processes needed to continuously comply with federal regulatory and legal standards along with their associated reporting requirements. * Establish and maintain a program to track and monitor ATO and POAM completion to ensure timely execution of processes and plans to maintain compliance standards. * Develop strategic roadmaps for capabilities and services to achieve RI&S federal compliance standards and authorizations (ATOs) at the speed of the business. * Coordinate and support audit activities of the RI&S computing environment, focused on DoD and federal security controls, with process and control owners and internal/external auditors * Assist process and control owners to understand cybersecurity related assessments and audit results, identify remediation options, prioritize and see them through to completion * Assist in the development of appropriate security documentation, including system security plans, information security policies and procedures to ensure compliance with government, legal, and regulatory standard requirements * Assist product line and program leaders in assessing compliance impacts to systems and applications * Stay abreast with current & emerging industry related IT security federal regulations, and compliance standards. * Support RI&S and RTX participation in security forums and standards working groups. Qualifications: * 14+ years of progressive cybersecurity or compliance experience with a B.S. degree in Science, Technology, Engineering or Mathematics (STEM) or ten years of progressive cybersecurity or compliance experience, and an M.S./M.A. degree. * Network architecture experience with advanced knowledge of network technologies/protocols and computer security concepts in a large scale networking environment. * Experience with operational, compliance, and IT security audit functions including NIST 800-53, NIST 800-37, NIST 800-171, and ISO 27001, or COBIT. * Strong comprehension of Information Security concepts and practices including vulnerability and compliance tools and processes, awareness of vulnerabilities, emerging threats, and the ability to map adversarial tactics to effective controls. * Demonstrated ability to lead, manage and be fully accountable for a geographically dispersed virtual team supporting a fast-paced work environment. * Good social, verbal, and written communication skills, with demonstrated ability to develop and effectively communicate cybersecurity matters and processes to senior management and executive audiences. * Strategic planning experience including documenting workflows, developing service roadmaps and future state plans. * Strong deductive reasoning, critical thinking, problem solving, and prioritization skills. * Certified security expert - CISSP or CISM and CISA. * Existing Secret clearance required Desired Qualifications: * Understanding of cloud-based IT systems or hybrid cloud delivery models designing, developing in, or transitioning systems and processes to the cloud * Understanding of developing, testing, implementing, and maintaining complex applications and/or databases including web applications and interfaces * Six Sigma and / or Lean certification This position requires either a U.S. Person or a Non-U.S. Person who is eligible to obtain any required Export Authorization.185277 Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender orientation, gender identity, national origin, disability, or protected Veteran status.
Company Description Epsilon is the leader in outcome-based marketing. We enable marketing thats built on proof, not promises. Through Epsilon PeopleCloud, the marketing platform for personalizing consumer journeys with performance transparency, Epsilon helps marketers anticipate, activate and prove measurable business outcomes. Powered by CORE ID®, the most accurate and stable identity management platform representing 200+ million people, Epsilons award-winning data and technology is rooted in privacy by design and underpinned by powerful AI. With more than 50 years of experience in personalization and performance working with the worlds top brands, agencies and publishers, Epsilon is a trusted partner leading CRM, digital media, loyalty and email programs. Positioned at the core of Publicis Groupe, Epsilon is a global company with over 8,000 employees in over 40 offices around the world. For more information, visit epsilon.com. Follow us on Twitter Job Description Loyalty Lead Business System Analyst The Lead Business System Analyst will assist with the implementation and support of projects within the business and technology aspects of a Loyalty Implementation. They define functional requirements and help in the development lifecycle to ensure the solution implemented meets the client goals. This particular role will take the lead to support project enhancements for a large financial services client. This role will be responsible for leveraging a deep understanding of the platform in place to propose solutions to solve high profile business problems. Responsibilities: Adherence to clients processes including project initiation, status reporting, user acceptance testing, and implementation. Acting as a Product Owner at Epsilon to champion client objectives and articulate business value. Mentoring and training less experienced team members. Escalation of risks and key decisions to ensure proper visibility internally and externally. Delivers results in an environment of trust, respect, and collaboration. Recommends process improvements to increase efficiency, effectiveness, quality, and open lines of communication. Elicits and guides user story creation within an Agile Environment to a level where stories can be prioritized and ready for development. Able to create reusable content and templates for capturing user stories, technical design, test cases, etc. Refine and maintain Product Backlog available for development. Participate and lead discussions with the client and internal teams to ensure requirement completeness. Leads Scrum of Scrum meetings across multiple scrum teams to ensure questions are answered and blocking items are resolved/remediated. Complete understanding of the underlying infrastructure of the system and individual application requirements to facilitate providing technical input into the development of the system (as appropriate). Acts as a key point of contact and liaison between the technical teams at Epsilon and various client teams. Protects time to focus for development and quality assurance resources. Acts as a project manager for specific enhancements within a release. Manages environment promotion schedules to adhere to best practices. Able to lead/oversee up to three direct reports, including weekly one on one meetings, mentoring, defining career path and goals, and holding resources accountable to their goals. Lead client in user acceptance testing, while identifying, managing, escalating, and mitigating risks for a timely project delivery. Ability to effectively navigate and lead a cross-functional organization to get work done. Prior experience working with global teams. Driving innovation to ensure ultimate client and end-user satisfaction. Demo developed features to ensure adherence to client business objectives. Participation in implementation activities, including leading tasks, production validation, and client communications. Builds key relationships with client stakeholders through transparency and building trust. Continual learning to stay abreast of industry trends and insights, as well as Epsilon products and services. Leveraging appropriate subject matter experts to obtain architectural guidance to ensure extensible, stable, and flexible technical recommendations. Partnering with the technical team, scrum masters, product owners, and Agile development teams to ensure seamless transition from Concepting to Operations. Documentation of solution through descriptive narrative detail and diagramming to obtain consensus and alignment across internal and external stakeholders. Estimation of level of effort using relative and absolute sizing at various stages of product development. Tracking requests in progress to achieve expedient time to market metrics while exceeding customer expectations on solutions delivered. Conferring with client partners to understand creative or other requirements that may influence design. Auditing solutions to determine platform, partner, client, testing, or other dependencies that may arise throughout the course of delivery. Ensuring all prerequisites are met prior to grooming and refinement of stories. Skills Required: Excellent written/verbal communication skills, including the ability to influence a wide range of stakeholders across all roles and levels. Able to work in a dynamic, fast-paced, and often changing environment. Excellent problem-solving skills to move toward a projects successful completion. Excellent organizational skills and interpersonal skills. Excellent drive and initiative, and sense of personal accountability. Clearly able to articulate both written and verbally, detailed specifications to meet business needs. Ability to solve practical problems by applying analytical reasoning. Ability to work autonomously. Detail-oriented, able to multi-task and prioritize activities. Solid understanding of Relational Database Management Systems Proficient in SQL Proficient with Business Intelligence tools (e.g., Cognos) Understanding of Email tools and technologies is a plus Solid understanding of marketing concepts Working knowledge of project management methodologies and creation of defined artifacts Experience in Agile/Scrum development is a plus Requires 5 years of related experience MS Office including Excel, Word, PowerPoint, and Visio Qualifications Additional Information Great People, Deserve Great Benefits We know that we have some of the brightest and most talented associates in the world, and we believe in rewarding them accordingly. If you work here, expect competitive pay, comprehensive health coverage, and endless opportunities to advance your career. Epsilon is an Equal Opportunity Employer. Epsilons policy is not to discriminate against any applicant or employee based on actual or perceived race, age, sex or gender (including pregnancy), marital status, national origin, ancestry, citizenship status, mental or physical disability, religion, creed, color, sexual orientation, gender identity or expression (including transgender status), veteran status, genetic information, or any other characteristic protected by applicable federal, state or local law. Epsilon also prohibits harassment of applicants and employees based on any of these protected categories. Epsilon will provide accommodations to applicants needing accommodations to complete the application process. #LI-CM1 REF117130Z
09/15/2021
Full time
Company Description Epsilon is the leader in outcome-based marketing. We enable marketing thats built on proof, not promises. Through Epsilon PeopleCloud, the marketing platform for personalizing consumer journeys with performance transparency, Epsilon helps marketers anticipate, activate and prove measurable business outcomes. Powered by CORE ID®, the most accurate and stable identity management platform representing 200+ million people, Epsilons award-winning data and technology is rooted in privacy by design and underpinned by powerful AI. With more than 50 years of experience in personalization and performance working with the worlds top brands, agencies and publishers, Epsilon is a trusted partner leading CRM, digital media, loyalty and email programs. Positioned at the core of Publicis Groupe, Epsilon is a global company with over 8,000 employees in over 40 offices around the world. For more information, visit epsilon.com. Follow us on Twitter Job Description Loyalty Lead Business System Analyst The Lead Business System Analyst will assist with the implementation and support of projects within the business and technology aspects of a Loyalty Implementation. They define functional requirements and help in the development lifecycle to ensure the solution implemented meets the client goals. This particular role will take the lead to support project enhancements for a large financial services client. This role will be responsible for leveraging a deep understanding of the platform in place to propose solutions to solve high profile business problems. Responsibilities: Adherence to clients processes including project initiation, status reporting, user acceptance testing, and implementation. Acting as a Product Owner at Epsilon to champion client objectives and articulate business value. Mentoring and training less experienced team members. Escalation of risks and key decisions to ensure proper visibility internally and externally. Delivers results in an environment of trust, respect, and collaboration. Recommends process improvements to increase efficiency, effectiveness, quality, and open lines of communication. Elicits and guides user story creation within an Agile Environment to a level where stories can be prioritized and ready for development. Able to create reusable content and templates for capturing user stories, technical design, test cases, etc. Refine and maintain Product Backlog available for development. Participate and lead discussions with the client and internal teams to ensure requirement completeness. Leads Scrum of Scrum meetings across multiple scrum teams to ensure questions are answered and blocking items are resolved/remediated. Complete understanding of the underlying infrastructure of the system and individual application requirements to facilitate providing technical input into the development of the system (as appropriate). Acts as a key point of contact and liaison between the technical teams at Epsilon and various client teams. Protects time to focus for development and quality assurance resources. Acts as a project manager for specific enhancements within a release. Manages environment promotion schedules to adhere to best practices. Able to lead/oversee up to three direct reports, including weekly one on one meetings, mentoring, defining career path and goals, and holding resources accountable to their goals. Lead client in user acceptance testing, while identifying, managing, escalating, and mitigating risks for a timely project delivery. Ability to effectively navigate and lead a cross-functional organization to get work done. Prior experience working with global teams. Driving innovation to ensure ultimate client and end-user satisfaction. Demo developed features to ensure adherence to client business objectives. Participation in implementation activities, including leading tasks, production validation, and client communications. Builds key relationships with client stakeholders through transparency and building trust. Continual learning to stay abreast of industry trends and insights, as well as Epsilon products and services. Leveraging appropriate subject matter experts to obtain architectural guidance to ensure extensible, stable, and flexible technical recommendations. Partnering with the technical team, scrum masters, product owners, and Agile development teams to ensure seamless transition from Concepting to Operations. Documentation of solution through descriptive narrative detail and diagramming to obtain consensus and alignment across internal and external stakeholders. Estimation of level of effort using relative and absolute sizing at various stages of product development. Tracking requests in progress to achieve expedient time to market metrics while exceeding customer expectations on solutions delivered. Conferring with client partners to understand creative or other requirements that may influence design. Auditing solutions to determine platform, partner, client, testing, or other dependencies that may arise throughout the course of delivery. Ensuring all prerequisites are met prior to grooming and refinement of stories. Skills Required: Excellent written/verbal communication skills, including the ability to influence a wide range of stakeholders across all roles and levels. Able to work in a dynamic, fast-paced, and often changing environment. Excellent problem-solving skills to move toward a projects successful completion. Excellent organizational skills and interpersonal skills. Excellent drive and initiative, and sense of personal accountability. Clearly able to articulate both written and verbally, detailed specifications to meet business needs. Ability to solve practical problems by applying analytical reasoning. Ability to work autonomously. Detail-oriented, able to multi-task and prioritize activities. Solid understanding of Relational Database Management Systems Proficient in SQL Proficient with Business Intelligence tools (e.g., Cognos) Understanding of Email tools and technologies is a plus Solid understanding of marketing concepts Working knowledge of project management methodologies and creation of defined artifacts Experience in Agile/Scrum development is a plus Requires 5 years of related experience MS Office including Excel, Word, PowerPoint, and Visio Qualifications Additional Information Great People, Deserve Great Benefits We know that we have some of the brightest and most talented associates in the world, and we believe in rewarding them accordingly. If you work here, expect competitive pay, comprehensive health coverage, and endless opportunities to advance your career. Epsilon is an Equal Opportunity Employer. Epsilons policy is not to discriminate against any applicant or employee based on actual or perceived race, age, sex or gender (including pregnancy), marital status, national origin, ancestry, citizenship status, mental or physical disability, religion, creed, color, sexual orientation, gender identity or expression (including transgender status), veteran status, genetic information, or any other characteristic protected by applicable federal, state or local law. Epsilon also prohibits harassment of applicants and employees based on any of these protected categories. Epsilon will provide accommodations to applicants needing accommodations to complete the application process. #LI-CM1 REF117130Z
Position Overview: At an enterprise level, Company seeks an experienced, energetic, engaging and visionary leader who wants to become part of an exciting, vibrant community of information technology professionals supporting the enterprise mission: providing a comprehensive, high-quality product and service that engages our customers through secure and reliable technology. The CISO position reports to the CIO, is a member of the leadership team and serves a key role in company leadership, working closely with senior leaders, and the corporate community. The CISO is an advocate for the enterprise total information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the company. The CISO will have experience within the healthcare industry and specifically a HITRUST certified environment. They will lead Company efforts for HITRUST certification. The CISO leads the development and implementation of a security program that leverages enterprise-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the corporate level. Responsibilities SUMMARY OF RESPONSIBILITIES Company and Program Leadership Responsible for the strategic leadership of the Company information security program Provide guidance and counsel to key members of the corporate leadership team, working closely with senior managers and directors in Information Technology, Claims Integrity, Payments and Network Solutions business leaders, defining objectives for information security, while building relationships and goodwill Work with leadership to oversee the operations of an enterprise information security organization that is organized toward a common goal in information security Promote collaborative, empowered working environments across the company, removing barriers and realizing possibilities Manage enterprise-wide information security governance processes, chair the Information Security Advisory Committee and lead Information Security Liaisons in the establishment of an information security program and project priorities Lead information security planning processes to establish an inclusive and comprehensive information security program for the entire enterprise in support of information systems and technology Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements Stay abreast of information security issues and regulatory changes affecting healthcare at the state and national level. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position Provide leadership philosophy for the Information Security Office to create a strong bridge between organizations, build respect for the contributions of all and bring groups together to share information and resources and create better decisions, policies, and practices for the enterprise Mentor the Information Security Office team members and implement professional development plans for all members of the team Represent Company on committees and boards associated within the healthcare sector Perform special projects and other duties as needed Support Company 's Compliance Program by adhering to policies and procedures pertaining to HIPAA, FDCPA, FCRA, and other laws applicable to Company 's business practices; this includes becoming familiar with Company 's Code of Ethics, attending training as required, notifying management or Company 's Helpline when there is a compliance concern or incident, HIPAA-compliant handling of patient information, and demonstrable awareness of confidentiality obligations Policy, Compliance and Audit Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the information and technology systems Work with Internal Audit, General Counsel, Privacy Office and Compliance Officer and outside consultants as appropriate on required security assessments and audits Coordinate and track all information technology and security related audits including scope of audits, business/units involved, timelines, auditing agencies and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the enterprise in its best light. Provide guidance, evaluation, and advocacy on audit responses Work with company leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the enterprise to effectively address state and federal statutory and regulatory requirements Continuous improvement of strategies for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, HITRUST, PCI, SOC 2 Type 2, HIPAA, and FISMA Oversight and management of security audits to expand Company 's security posture Outreach, Education and Training Work closely with IT leaders, technical experts, business unit leaders across enterprise on a wide variety of security issues that require an in-depth understanding of the IT environment in their units Create education and awareness programs and advise operating units at all levels on security issues, best practices, and vulnerabilities Work with Network Managers, Information Security Liaisons, and technical organizations to build awareness and a sense of common purpose around security Pursue security initiatives to address unique needs in protecting identity theft, mobile social media security and online reputation program Risk Management and Incident Response Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise Convene Ad Hoc Security Committee (Red Team) as appropriate and provide leadership for breach response and notification actions for the enterprise Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk Provide leadership, direction, and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies Examine impacts of new technologies on the enterprise information security program. Establish processes to review implementation of new technologies to ensure security compliance Qualifications Bachelor 's degree in Information Technology or related field 10+ years ' experience in Healthcare Information Security and HITRUST 5+ years in a Security leadership role or Security Officer position Travel: Minimum travel will be required Preferred Skills CISSP or other Information Security certification
01/27/2021
Full time
Position Overview: At an enterprise level, Company seeks an experienced, energetic, engaging and visionary leader who wants to become part of an exciting, vibrant community of information technology professionals supporting the enterprise mission: providing a comprehensive, high-quality product and service that engages our customers through secure and reliable technology. The CISO position reports to the CIO, is a member of the leadership team and serves a key role in company leadership, working closely with senior leaders, and the corporate community. The CISO is an advocate for the enterprise total information security needs and is responsible for the development and delivery of a comprehensive information security strategy to optimize the security posture of the company. The CISO will have experience within the healthcare industry and specifically a HITRUST certified environment. They will lead Company efforts for HITRUST certification. The CISO leads the development and implementation of a security program that leverages enterprise-wide resources, facilitates information security governance, advises senior leadership on security direction and resource investments, and designs appropriate policies to manage information security risk. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities at the corporate level. Responsibilities SUMMARY OF RESPONSIBILITIES Company and Program Leadership Responsible for the strategic leadership of the Company information security program Provide guidance and counsel to key members of the corporate leadership team, working closely with senior managers and directors in Information Technology, Claims Integrity, Payments and Network Solutions business leaders, defining objectives for information security, while building relationships and goodwill Work with leadership to oversee the operations of an enterprise information security organization that is organized toward a common goal in information security Promote collaborative, empowered working environments across the company, removing barriers and realizing possibilities Manage enterprise-wide information security governance processes, chair the Information Security Advisory Committee and lead Information Security Liaisons in the establishment of an information security program and project priorities Lead information security planning processes to establish an inclusive and comprehensive information security program for the entire enterprise in support of information systems and technology Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements Stay abreast of information security issues and regulatory changes affecting healthcare at the state and national level. Engage in professional development to maintain continual growth in professional skills and knowledge essential to the position Provide leadership philosophy for the Information Security Office to create a strong bridge between organizations, build respect for the contributions of all and bring groups together to share information and resources and create better decisions, policies, and practices for the enterprise Mentor the Information Security Office team members and implement professional development plans for all members of the team Represent Company on committees and boards associated within the healthcare sector Perform special projects and other duties as needed Support Company 's Compliance Program by adhering to policies and procedures pertaining to HIPAA, FDCPA, FCRA, and other laws applicable to Company 's business practices; this includes becoming familiar with Company 's Code of Ethics, attending training as required, notifying management or Company 's Helpline when there is a compliance concern or incident, HIPAA-compliant handling of patient information, and demonstrable awareness of confidentiality obligations Policy, Compliance and Audit Lead the development and implementation of effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the information and technology systems Work with Internal Audit, General Counsel, Privacy Office and Compliance Officer and outside consultants as appropriate on required security assessments and audits Coordinate and track all information technology and security related audits including scope of audits, business/units involved, timelines, auditing agencies and outcomes. Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the enterprise in its best light. Provide guidance, evaluation, and advocacy on audit responses Work with company leadership and relevant responsible compliance department leadership to build cohesive security and compliance programs for the enterprise to effectively address state and federal statutory and regulatory requirements Continuous improvement of strategies for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, HITRUST, PCI, SOC 2 Type 2, HIPAA, and FISMA Oversight and management of security audits to expand Company 's security posture Outreach, Education and Training Work closely with IT leaders, technical experts, business unit leaders across enterprise on a wide variety of security issues that require an in-depth understanding of the IT environment in their units Create education and awareness programs and advise operating units at all levels on security issues, best practices, and vulnerabilities Work with Network Managers, Information Security Liaisons, and technical organizations to build awareness and a sense of common purpose around security Pursue security initiatives to address unique needs in protecting identity theft, mobile social media security and online reputation program Risk Management and Incident Response Keep abreast of security incidents and act as primary control point during significant information security incidents. Convene a Security Incident Response Team (SIRT) as needed, or requested, in addressing and investigating security incidences that arise Convene Ad Hoc Security Committee (Red Team) as appropriate and provide leadership for breach response and notification actions for the enterprise Develop, implement, and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk Provide leadership, direction, and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies Examine impacts of new technologies on the enterprise information security program. Establish processes to review implementation of new technologies to ensure security compliance Qualifications Bachelor 's degree in Information Technology or related field 10+ years ' experience in Healthcare Information Security and HITRUST 5+ years in a Security leadership role or Security Officer position Travel: Minimum travel will be required Preferred Skills CISSP or other Information Security certification
About AbbVie AbbVie's mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women's health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at . on Twitter , Facebook , Instagram , YouTube and LinkedIn . As a member of the Corporate Digital team, this position will be responsible for providing strategic guidance and governance for AbbVie's corporate websites (not including abbvie.com). This role will collaborate with Corporate BTS to improve and optimize AbbVie's corporate web platform(s) and tools. Working with other business units (non-commercial) to leverage our corporate web presence to achieve their goals, providing best practice recommendations for content, design and measurement. This position will report and work closely with the AbbVie Corporate Digital Director to align on AbbVie's overall corporate web strategy and ensure our corporate websites represents AbbVie in a consistent manner globally and brings to life AbbVie's brand online, delivering a positive user experience and provide value to visitors. . Primary Job Function Implement AbbVie's corporate website strategy and operations; work directly with internal clients, Corporate BTS and other stakeholders to understand specific needs and opportunities for improvement. Strategic lead on project teams: Contribute as digital strategic lead on project teams requiring web strategy expertise - e.g., R&D, Clinical Operations, Global Medical Affairs, Contract Manufacturing, etc. Act as champion for web technology platforms and provide subject matter expertise. Partner with Corporate BTS to deliver feature and functionality improvements to AbbVie's Web Content Management platform(s). Collaborate with the BTS Web Program Manager in the development of appropriate solutions. Manage external and/or contract resources as needed to meet project deliverables. Ensure AbbVie's non-commercial websites are compliant with external and AbbVie polices, regulations and laws; assist in audits and provide remediation plans when necessary. Administration of digital tools & platforms in Corporate Marketing. Core Job Responsibilities Responsible for compliance with applicable Corporate and Divisional Policies and procedures. Understands organization's vision, goals and strategies. Aligns priorities appropriately to assist in delivering team's priorities. Manages change and encourages innovation. Open to and evangelizes new ideas. Understands client's (business/content owner and requestor) needs and requirements. Resolves issues in an appropriate and timely manner. May negotiate, secure, oversee & ensure that resources are available to meet the daily operational demands of the area. Works with development resources, both internal and external to deliver work on time and on budget. Project manages across the project life cycle from ideation to scoping/planning to implementation. Establishes and maintains high-quality relationships with all levels across the company and with external partners. Qualifications Required Skills and Experience 7+ years of experience in digital technology platforms 7+ years of experience with Content Management Systems (e.g. Adobe Experience Manager, Drupal, Wordpress, etc) 7+ years of experience with code implementations Expert understanding of JS, HTML, and standard development tools Expert knowledge of user tracking technologies such as cookie consent managers, tag managers, tag audit tools and privacy regulations including GDPR and CCPA. Strong verbal, written, and presentation skills Attention to detail and enthusiasm for project management and process Bachelor's Degree or an equivalent combination of education and work experience Significant Work Activities N/A Travel Yes, 5 % of the Time Job Type Experienced Schedule Full-time Job Level Code M Equal Employment Opportunity At AbbVie, we value bringing together individuals from diverse backgrounds to develop new and innovative solutions for patients. As an equal opportunity employer we do not discriminate on the basis of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information gender identity or expression, sexual orientation, marital status, protected veteran status, or any other legally protected characteristic.
01/21/2021
Full time
About AbbVie AbbVie's mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women's health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at . on Twitter , Facebook , Instagram , YouTube and LinkedIn . As a member of the Corporate Digital team, this position will be responsible for providing strategic guidance and governance for AbbVie's corporate websites (not including abbvie.com). This role will collaborate with Corporate BTS to improve and optimize AbbVie's corporate web platform(s) and tools. Working with other business units (non-commercial) to leverage our corporate web presence to achieve their goals, providing best practice recommendations for content, design and measurement. This position will report and work closely with the AbbVie Corporate Digital Director to align on AbbVie's overall corporate web strategy and ensure our corporate websites represents AbbVie in a consistent manner globally and brings to life AbbVie's brand online, delivering a positive user experience and provide value to visitors. . Primary Job Function Implement AbbVie's corporate website strategy and operations; work directly with internal clients, Corporate BTS and other stakeholders to understand specific needs and opportunities for improvement. Strategic lead on project teams: Contribute as digital strategic lead on project teams requiring web strategy expertise - e.g., R&D, Clinical Operations, Global Medical Affairs, Contract Manufacturing, etc. Act as champion for web technology platforms and provide subject matter expertise. Partner with Corporate BTS to deliver feature and functionality improvements to AbbVie's Web Content Management platform(s). Collaborate with the BTS Web Program Manager in the development of appropriate solutions. Manage external and/or contract resources as needed to meet project deliverables. Ensure AbbVie's non-commercial websites are compliant with external and AbbVie polices, regulations and laws; assist in audits and provide remediation plans when necessary. Administration of digital tools & platforms in Corporate Marketing. Core Job Responsibilities Responsible for compliance with applicable Corporate and Divisional Policies and procedures. Understands organization's vision, goals and strategies. Aligns priorities appropriately to assist in delivering team's priorities. Manages change and encourages innovation. Open to and evangelizes new ideas. Understands client's (business/content owner and requestor) needs and requirements. Resolves issues in an appropriate and timely manner. May negotiate, secure, oversee & ensure that resources are available to meet the daily operational demands of the area. Works with development resources, both internal and external to deliver work on time and on budget. Project manages across the project life cycle from ideation to scoping/planning to implementation. Establishes and maintains high-quality relationships with all levels across the company and with external partners. Qualifications Required Skills and Experience 7+ years of experience in digital technology platforms 7+ years of experience with Content Management Systems (e.g. Adobe Experience Manager, Drupal, Wordpress, etc) 7+ years of experience with code implementations Expert understanding of JS, HTML, and standard development tools Expert knowledge of user tracking technologies such as cookie consent managers, tag managers, tag audit tools and privacy regulations including GDPR and CCPA. Strong verbal, written, and presentation skills Attention to detail and enthusiasm for project management and process Bachelor's Degree or an equivalent combination of education and work experience Significant Work Activities N/A Travel Yes, 5 % of the Time Job Type Experienced Schedule Full-time Job Level Code M Equal Employment Opportunity At AbbVie, we value bringing together individuals from diverse backgrounds to develop new and innovative solutions for patients. As an equal opportunity employer we do not discriminate on the basis of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information gender identity or expression, sexual orientation, marital status, protected veteran status, or any other legally protected characteristic.