- Code number: PFS-D-1659083279-E
- Entry level: Professionals
- Location: Atlanta
- Organization: Porsche Financial Services Inc.
Position holds the role of the Business Information Security Manager for Porsche Financial Services North America (PFSNA) affiliates, coordinating activities and compliance as identified by Porsche AG’s Global Corporate Information Security Officer. Position leads information security governance for PFSNA in coordination with Porsche Cars North America (PCNA) Infosec team. This includes directing the processes and procedures that pertain to information security and the group information security directives.
The Business Information Security Manager would take on the tasks of ensuring data confidentiality, integrity, availability and authenticity, including vendor management, risk assessment, regulatory compliance and reporting. This role would need to guide business departments through the proper processes to ensure information security directives are met.
This position is responsible for work with Porsche Financial Services US (PFSUS) and Porsche Financial Services Canada (PFSC) business units to assist with project tasks; providing deliverables, performing tasks, and keeping project leaders abreast of project status while ensuring that all project timelines are met.
The Business Information Security Manager will need to work autonomously and provide direction and approval to business owners regarding data governance topics; Present metrics and status upward and across the organization and liaise with North American sister companies; Stay up to date with information security best practices and standard frameworks.
Roles & Responsibilities
- Creates and proposes PFSNA information security strategy and policies to PFS executives and senior leadership teams
- Serve as a cyber-security subject matter expert (SME) to PFSUS and PFSC business departments, coordinating and providing multi-disciplinary knowledge, skills and experience in security architecture and security management.
- Conduct PFSNA vendor information security risk assessments and reviews per the locally developed process in compliance with the Porsche Information Security directives.
- Performs facility audits identifying information security risks, exposures and safeguards. Document risks, create recommendations and develop counter measures.
- Ensure compliance with legal requirements and Porsche policies in regards to information security; and advises the Director, Compliance on anomalies and create monthly management reports.
- Coordinate with PCNA IT to fulfill PFSUS and PFSC information security requirements.
- Conduct information security reviews of key vendors and all externally hosted and developed websites.
- Participate in PFS Cyber Crisis Committee and advise on cyber security topics as needed.
- Support formal investigations of and manage responses to information security and data protection incidents and their resolution in collaboration with the appropriate parties
- Coordinate with PCNA IT to develop and maintain a corporate information security awareness program for PFSUS and PFSC
- Review and red line vendor agreements for compliance with information security standards
- Review vendor responses to self-assessments (audits)
- Support internal audit activities and oversee audit measure resolution tasks relating to information security related topics
- Manage and respond to data privacy and information security support requests from across the business in coordination with North American Local Information Security Officer (LISO).
- Responsible for development and delivery of Information Security best practice training materials and process documents in coordination with North American LISO.
- Provide approval for PFS-specific information security governance activities (risk management, security categorization, waivers and variances).
- Assist with other projects as assigned by the Director, Compliance & Business Integrity.
- Deep understanding of industry accepted standards and frameworks (ISO 2700x, NIST, PCI)
- Strong multi-tasking skills with the ability to handle multiple priorities
- Proficiency with MS Office applications including Project and Visio
- Exceptional organizational skills
- Ability to work independently
- Excellent communication skills – both verbal and written
- Technical Knowledge – overall understanding of applied information technology
- Detail oriented
- Experience reviewing, documenting, and identifying process/control weaknesses.
- Information security industry best practices
- Demonstrated ability to collaborate with multiple groups on multiple levels
- Vendor agreements
The candidate should embody the following Porsche Values and Competencies:
- Performance – we love to compete
- Courage – we expect entrepreneurial behavior
- Enthusiasm – we love what we do
- Curiosity – we look beyond
- Integrity – we are fair and honest
- Transparency – we work openly with each other
- Teamwork – we debate and collaborate
- Respect – we value each other personally and professionally
- Customer Focus – we make every decision with our customers in mind
- Leadership – we think strategically, manage courageously, leads by example and develop our employees
Percentage of required travel: Less than 25%
Must be able to remain in a stationary position 50% of the time. Must be able to move about in the office to access office equipment and etc. Must be able to communicate and exchange information verbally with management and co-workers.
This position operates in an office environment. This role will use standard office equipment such as computers, phones, copiers, scanners and etc.
- Data Privacy Analyst
Exclusive look behind the scenes
Porsche is an equal opportunity employer and we take pride in our diversity. In order to provide equal employment and advancement opportunities to all individuals, employment decisions at Porsche will be based on merit, qualifications and abilities. Porsche does not discriminate in employment opportunities or practices on the basis of race, color, religion, sex, pregnancy, status as a parent, national origin, age, disability, family medical history, ancestry, medical condition, genetic information, sexual orientation, gender, gender identity, gender expression, marital status, familial status, registered domestic partner status, family and medical leave status, military status, criminal conviction history, or any other characteristic protected by federal, state or local law.