Campus Pride Jobs

Job Information

Kohler Co. Cybersecurity System Project Manager in SHANGHAI, China

Cybersecurity System Project Manager

Functional Responsibilities

Are you excited about being a cybersecurity champion focused on training, communication, compliance & risk? Do you have a passion for a role in Cybersecurity and are interested in joining a team to maintain national, regional and global compliance? The Kohler Cybersecurity team is looking for an individual to act as a force multiplier by being a trusted advisor in the design process on key digital platform teams within the GRC space. You will help design solutions to prevent, detect, and remediate governance issues across the enterprise. Our global team seeks to drive digital transformation to key business areas in a secure and automated fashion.

Lead cybersecurity and privacy compliance initiatives (MLPS & PIPL) in country, partnering with global resources to protect customer and employee sensitive information

Develop, configure and build user awareness, communications and training within the Cybersecurity team

Work with business stakeholders to understand risk and compliance requirements and translate into technical solutions

Serve as the key Risk & Compliance resource lead in Asia and align controls with the global team

Collaborate within the Security team, Business Solutions Managers, technical and business led teams to ensure our solutions are compliant within new projects and requirements

Implement and maintain security controls to protect sensitive data and ensure compliance with regulatory requirements

Monitor and optimize routine operational controls to ensure continuous improvement and ongoing compliance

Additional Details

We are looking for an energetic and detail-oriented person to fill our role as a GRC Security engineer. This position will work on a global team within the cybersecurity organization to ensure compliance with regulatory controls and mitigate business risk. We are a group of highly motivated individuals located around the world that care about each other. This position will work closely with other technical teams as well as business experts. It will integrate with internal/external auditors to ensure our GRC environment integrates into the overall business usability while maintaining proper controls.

Overall Objectives of the team

Works as part of a global team that provides 24x7 cybersecurity support.

Assists in the coordination and completion of governance and compliance documentation.

Works with cybersecurity leadership to identify and analyze risks across the ecosystem. Develops strategies and plans to define and enforce security requirements and address identified risks.

Develops security processes and procedures and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.

Advises administrators on normal and exception-based processing of security authorization requests.

Applies innovative and creative thinking to solve problems and get things done.

Executes cybersecurity day-to-day activities to ensure Kohler Co. cybersecurity is well maintained over time.

Serves as an information security expert and trusted advisor to partners in IT and the business.

This role has the latitude for independent actions and decisions.

Functional Responsibilities

Security functional responsibilities are aligned with the CIS critical security controls and will cover one of the cybersecurity towers:

Risk Management

The analyst will be expected to actively manage and execute select activities related to assessing vendors and systems for risk profile and defining appropriate mitigations, audit of systems and access for compliance with security policies and regulatory requirements, and for review of systems through appropriate internal and external testing to validate a mature security posture. The analyst may be responsible for one or more of the following activities:

• Compliance, e.g., MLPS, Data Privacy regulations, payment card and Health data compliance, etc.

• Conduct Risk Assessments

• Testing

• Audit – Internal, External, Finance, & Systems level(s)

• Data Recovery Capacity

• Privacy

• Audit Access Control

• Penetration tests and red teaming

TECHNICAL COMPETENCY REQUIREMENTS

Be prepared to discuss your exposure to and proficiency in the following areas. Proven practical experience is a plus.

• Experience with common information security management frameworks, such as CIS, ISO 27001, NIST frameworks.

• Experience with regulatory and compliance standards, including but not limited to: Sarbanes-Oxley, MLPS, PIPL, payment card industry standards, HIPAA/HITECH, global data privacy requirements, as well as other state and federal regulations.

• In-depth knowledge of risk assessment methods and technologies.

• Proficiency in performing risk, business impact, control and vulnerability assessments.

• Strong understanding of business applications, including ERP and financial systems.

• Technical knowledge of mainstream operating systems, a wide range of security technologies, such as network security systems, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, user behavior analytics and desktop security tools.

• Experience in developing, documenting and maintaining security policies, processes, procedures and standards.

• Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.

• Proficiency with at least one scripting language (e.g., Perl, Python, PowerShell) is preferred.

• Audit, compliance or governance experience is preferred.

Skills/Requirements

EDUCATION AND EXPERIENCE REQUIREMENTS

Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

• Bachelor's degree in information systems (preferred) or equivalent work experience.

• Minimum of 3-5 years of IT, security or related work experience.

• Entry level certification (e.g., domain expertise, frameworks, general security) encouraged.

• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.

• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.

• Ability to interact with Kohler's personnel at all levels and across all business units and organizations, and to comprehend business imperatives.

• Strong leadership abilities, with the capability to develop an information security team and guide team members and to work with only minimal supervision.

• Strong written and verbal communication skills.

• A strong stakeholder focus, with the ability to manage expectations appropriately, to provide a superior partner experience and build long-term relationships.

• The ability to read, write, and speak Mandarin, English

Why Choose Kohler?

We empower each associate to #BecomeMoreAtKohler with a competitive total rewards package to support your health and wellbeing, access to career growth and development opportunities, a diverse and inclusive workplace, and a strong culture of innovation. With more than 30,000 bold leaders across the globe, we’re driving meaningful change in our mission to help people live gracious, healthy, and sustainable lives.

About Us

It is Kohler’s policy to recruit, hire, and promote qualified applicants without regard to race, creed, religion, age, sex, sexual orientation, gender identity or expression, marital status, national origin, disability or status as a protected veteran. If, as an individual with a disability, you need reasonable accommodation during the recruitment process, please contact kohlerjobs@kohler.com. Kohler Co. is an equal opportunity/affirmative action employer.
