This role works with business units, internal functions and third parties to co-manage the development and deployment of information security controls, which act as the foundation for Rockwell Automation's information security governance framework.
This role leads creation, deployment and maintenance of relevant information security policies and procedures in conjunction with our IT organization.
The role provides subject matter guidance to manage risks related to the use, storage, and transmission of information and the related systems and processes used to manage critical information. Management of issues and underlying processes related to the firm's Enterprise Risk Management (ERM) program will also fall to this role.
As legal and regulatory compliance drivers grow in importance, this role manages the impact of current and future security-related compliance issues globally.
Information Security Governance and Risk
Identify and implement the appropriate policy-based controls to manage information risks across the enterprise
Conduct research, write and deploy policies and standards related to information security governance in conjunction with the business units, IT, functions and third-party entities
Communicate key cyber-security control policies and standards with Legal, Compliance, Human Resources, business units and security liaisons
Encourage employees to move beyond compliance and toward adopting a security and risk mindset, making it part of their everyday workflow
Provide guidance and support to management on all policy and standards issues related to information security
Ensure employees and third parties understand and fulfill applicable information security policies and standard requirements
Liaise with, and maintain a strong working relationship with, related internal functions such as IT Security, Risk Management (ERM), Compliance and Internal Audit
Provide consultative advice to information security internal customers enabling them to make risk management decisions related to current and emerging global security regulations and laws
Benchmark the risk management practices of other companies in an effort to maintain an up-to-date understanding of industry best practices, and monitor the legal and regulatory environment for developments that could require changes to Rockwell Automation's established information security policies, procedures and practices
Follow up on deficiencies identified in reviews, self-assessments, automated assessments, and audits to ensure appropriate remediation plans have been developed and corrective measures have been taken and documented
Monitor and report on compliance with security policies, as well as the enforcement of policies across the enterprise
Deploy, manage, and maintain a formal information security risk register and the corresponding or associated software
Provide support and guidance for legal and regulatory compliance efforts, including audit related support as needed
Direct risk evaluation and compliance management processes as assigned
Conduct third-party audits as required in order to maintain certifications and compliance certificates
Serve as an active and consistent participant in the information security governance process via formal and informal councils and/or working groups
Ability to work with various data classification management schemes and the related technical solutions to manage data based on their classification
Work with the G&IS Group, IT Security, business and functional stakeholders to define metrics and reporting strategies that effectively communicate the success and progress of security programs under management
Construct and maintain a metrics dashboard containing core program metrics and KPIs
BS in Information Security, Computer Science, Engineering or a related field
5 years of experience in an IT Audit or Enterprise Risk Management (ERM) role
Legal authorization to work in the US is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
5 years of experience with regulatory compliance and information security management frameworks (e.g., ISO27000, COBIT, NIST, etc.)
An ability to identify and assess the severity and potential impact of risks and communicate risk assessment findings to risk owners outside Information Security in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
Ability to convey complex communications and messages in a simple, clear and concise manner to the various communities within our company. This can include different cultures, nationalities, international locations and languages.
An ability to effectively influence others to modify their opinions, plans, or behaviors, with an emphasis on collaborating across multiple teams and ensuring program needs are satisfied through interpersonal and trusted communication
Strong team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including business/functional security liaisons and IT-business personnel
Excellent written English, with proven ability to research and write clear policy documents and reports for a wide range of audiences
High level of personal integrity, with the ability to handle confidential and otherwise sensitive matters professionally and with the appropriate level of judgment and maturity
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business and functions
Excellent interpersonal skills with a high level of diplomacy and political awareness
Sound working knowledge of Microsoft-based software packages, including Word, Excel, PowerPoint, Visio and Outlook
High degree of initiative, dependability and ability to work with little supervision
Milwaukee - Wisconsin
Rockwell Automation, the world's largest company dedicated to industrial automation, makes its customers more productive and the world more sustainable. Throughout the world, our flagship Allen-Bradley(R) and Rockwell Software(R) product brands are recognized for innovation and excellence.
When you choose Rockwell Automation, you join countless talented employees who have helped us establish our leadership position in the automation industry over the past century.
You join a diverse, inclusive and global community with a passion for innovation. A place where you can partner with great minds and inspiring people. And a corporation backed by the financial strength that drives growth - and career opportunities.
As much as we focus on our customers, we know our employees are key to our success and future. Helping you develop a rewarding career is a top priority. Because when you succeed, we succeed.
Rockwell Automation is an Equal Opportunity/Affirmative Action employer.
If you are an individual with a disability and you need assistance or an accommodation during the application process, email our Talent Acquisition representative at (see application details).
Download the EEO is the Law poster and the supplement for more information.