Deliver business value through Right and Fast partnership
This is an incredibly exciting time to join the Honeywell Transportation Systems team!
Transportation Systems is the true pioneer of automotive turbocharging dating back more than 60 years, and continues today as the world's leader in turbo technology solutions and an experienced supplier of electric boosting products and automotive software to support passenger cars, commercial vehicles and off-highway equipment.
With a worldwide footprint of engineering centers, testing labs and manufacturing facilities, Transportation Systems serves all major automotive companies to implement key differentiated technology offerings.
As a testimony to its success, in 2018 Honeywell will be spinning off the Transportation Systems business into a stand-alone, publicly traded company.
Being a stand-alone company will provide Transportation Systems the independence, focus, direct financial resources, and flexibility required to adapt quickly to market and customer dynamics, and we want you to be part of its evolution.
Both new and existing employees will have a more direct benefit from the company’s performance in a multitude of ways.
This position will be responsible for Compliance. Position reports to Cyber Security Compliance & Governance Leader.
Job Purpose / Summary - the primary objective of the role
Responsible for defining and driving the Compliance program to meet requirements across frameworks such as GDPR, ISO 27001, PCI, SOX, ISO 22301, Cloud Security Alliance, etc.
Responsible for defining and reporting the Risk Dashboard to leadership
Responsible for executing Compliance reviews and collaborating with Internal and External Audit teams
Key Areas of Responsibility
Manage compliance tracking and reporting processes for Cyber Security governance frameworks, regulatory, and client compliance requirements.
Manage the applications and processes used to track various compliance initiatives.
Track implementation of policies, standards, and procedures in line with security governance frameworks, regulatory, and customer compliance requirements
Publish Risk Dashboards to track risk metrics & remediation plans
Assist with internal security reviews
Define and monitor security metrics and KPIs
Ownership of all internal and external audit coordination with external auditors and internal stakeholders, performing initial reviews of evidence submissions and performing subsequent project management tasks
Ensure Risk-based Compliance with governmental and industry standards such as NIST, ISO 27001, SOX, GDPR, Data Privacy, PCI, and SSAE 18 SOC1 and SOC2
Provide input for corporate security projects with regard to identifying requirements for ongoing compliance
Provide training on the system as needed
YOU MUST HAVE
Bachelor’s degree in Information Technology or related discipline
Extensive experience with relevant audit and compliance programs
Cloud and infrastructure experience
Familiarity with GRC processes
Hands-on experience managing Risk / Compliance projects based on NIST (or equivalent) framework
Knowledge of general security concepts and methods as they relate to IT audit controls such as vulnerability assessments, privacy assessments, intrusion detection, incident response, security policy creation, enterprise security strategies, architectures and governance
Extensive project leadership experience
Experience implementing or evaluating security compliance requirements for NIST, SOX, PCI, ISO 27001, GDPR
Extensive IT Audit experience in a Big 4 or similar environment
Strong understanding of Cyber Security concepts
Experience with performing or reviewing enterprise risk assessments
Experience with evaluating or writing security policies to meet compliance requirements
Good working experience with Microsoft Excel, Word, Visio, Project, and PowerPoint
Strong time management skills
Experience in managing customers and extended Project Teams
Experience in PMO design and Metrics / Audit and Compliance activities
Communicating effectively in writing as appropriate for the needs of the audience
CISSP, CISA, ISO 27001 accreditations
Excellent interpersonal skills, as well as excellent communication skills, verbal and written, to both technical and non-technical audiences
Take initiative to recommend process improvements and demonstrate creative thinking
Able and willing to work independently and in a fast-paced environment with tight deadlines and minimal supervision
Continued Professional Development