This position is responsible for developing and collaborating across divisions to implement CommScope’s Information Security program. The primary responsibilities of this position are to perform IT Project and Supplier Risk Assessments while aligning to business goals and objectives.
Duties & Responsibilities
Perform IT Risk Assessments for various enterprise projects in order to identify, mitigate and manage risks.
Perform Supplier Risk Assessments for direct and indirect suppliers in order to identify, mitigate and manage risks.
Support InfoSec team’s Governance, Risk and Compliance projects, tools and initiatives.
Maintain policy, standards, guidelines, procedures development and maintenance expertise / support in coordination with the CommScope enterprises business strategies.
Research and provide expertise in understanding corporate and business best practices and convert these practices into information security policy, standards, guidelines, and procedures.
Balancing the needs of the business with the contractual and regulatory landscape to create balanced and enforceable information security directives and guidelines
Advanced studies focusing on Information Security or Information Assurance a plus
Working with recognized IT Security-related control frameworks and standards; e.g. ISO27002, PCI, SOX, etc.
Include demonstrated competencies and physical, mental, & interpersonal skills.
Preferably Bachelor’s degree in Information Security, Information Technology or related curriculum.
Relevant work experience in Information Security, audit, risk management or internal controls.
Demonstrated basic understanding in processes related to the position, including applying standard security awareness techniques/principles in gathering information, conducting fieldwork, and reporting issues.
Demonstrated effective verbal and written communication skills for the purpose of explaining technical information to clients, vendors, senior management and staff.
Analytical, problem solving, strong documentation skills; attention to detail.
Strong relationship and team building skills.
Solid working knowledge of Microsoft Office applications.
Skilled at conducting, preparing and presenting analysis, findings and recommendations.
Pursuing certifications in Security+, CISSP, CISA or CISM.
Experience in large global disbursed business environments.
Experience managing information security, governance, or compliance documents for a multi-national organization preferred.