Atlanta, GA, United States
May 21, 2020
The Lead Cyber Risk & Compliance Advisor is responsible for maintaining compliance with contractual and client requirements, and for ensuring alignment of baseline security controls with business and regulatory requirements to ensure adherence to industry best practices and standards. Owns business unit in-bound information security audits, questionnaires, assessment and on-site audit responsibilities to support Cox Automotive's businesses. Responsible for SOC1/SOC2 audits for one or more business units, and coordinates these activities with the Enterprise Internal Controls team. This position will interface with technology, business, and legal teams to manage legal, regulatory, & contractual security obligations, and support the development of security process improvements. Creates and manages documentation of the business's security posture for distribution to clients.
- Maintain, support and improve program for efficiently managing inbound assessments, inquiries and questionnaires from clients on information security policies, standards and implementation of security controls.
- Coordinate and manage annual updates and reviews of security documentation for distribution to external clients as appropriate.
- Provide direction and guidance on security solutions based on risk reduction and meeting client expectations.
- Provides support in controlling and/or enhancing processes and systems in compliance with policies and regulations focused on SOC/SSAE18.
- Coordinates with the technology teams in development and compilation of additional controls and continuous compliance improvement activities.
- Supports business units throughout the audit process from pre-audit preparedness activities to post-audit meetings in gathering information, reporting results and recommending process improvement actions.
- Interact and interface with clients during review meetings and on-site audits and assessments.
- Provide support to technical implementations (for example, AWS) and mapping security controls to modern technology applications and infrastructure.
- Coordinates resolution of assessment action points & remediation.
- Reviews and provides guidance on contractual language within legal agreements.
- Owns and maintains the master list of outstanding assessment actions, incorporating it into the risk register.
- Collaborates and provides business units with recommendations to reduce business risks within their areas.
- Builds effective relationships with key stakeholders.
Qualifications:
Required Experience, Knowledge and Skills:
- BA/BS Degree, preferably formal studies in Computer Science or Information Systems or equivalent
- 6 years hands-on experience in IT Security, Audit and/or Compliance or equivalent
- Experience of web-based applications, infrastructure, and architecture
- Proven experience in reducing and managing security risk in information systems.
- Good understanding of regulatory and external requirements as they relate to IT and cybersecurity, including GLBA, CCPA, NYDFS NYCRR 500, GDPR, etc.
- More than one security certification (examples: CISSP, CISM, CISA, CTPRM, Cloud).
- Strong MS Office skills with Excel and Access
- Ability to work in a fast-paced and dynamic environment
- Excellent organizational, project management and follow-up skills
- Ability to build effective working relationships at all levels of the organization
- Excellent communication skills
- Other duties as needed or required
- Requires physical ability and mental acuity to execute the duties of the position successfully within required timeframes to meet business requirements.
Who We Are
About Cox Automotive
There's nothing ordinary about Cox Automotive. We are people of every background driven by our passion for mobility, innovation, client success and community outreach. We make buying, selling and owning (or simply using) cars easier for everyone. Touching more than 40,000 clients across five continents, we bring together the best brands and the best teams to propel the automotive industry forward. Some of those team members work for our iconic consumer brands like Autotrader and Kelley Blue Book, while others are creating the future of automotive at industry-facing brands like Dealer.com, Manheim and vAuto.
We are the Cox family of businesses. We've been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us. Our primary divisions, Cox Communications and Cox Automotive, are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators. We're also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation. We're looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you'll be going with us, and the common purpose that unites us at coxenterprises.com.
Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual's age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.
Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.