Does this position interest you? You should apply - even if you don't match every single requirement! We're known as an auto glass company. That's the focus of what we do. But beyond the glass, we're so much more. We'll help you build a fulfilling career and encourage you to have a life. Let us be the best place you'll ever work.
This role resides in the Cyber Risk & Compliance area which is responsible for defining, implementing, and leading the Cyber Risk & Compliance function in the Safelite Organization. It creates Soc1 and SOC2 risk management oversight; establishing and managing the controls framework and relevant standards; overseeing applicable security, privacy, contractual and compliance requirements through strategy development and deployment, controls definition and assessment (internal & external) together with process oversight, through three areas under its remit, Risk Management, Privacy and Technical Compliance with a small team of specialists in each area.
This is a role carries out the Safelite SOC1 and SOC2 compliance management function within the Belron Trust group under the North American CISO, reporting to the Head of Cyber Risk & Compliance. It assists in the delivery of the security risk management for Safelite, with a focus on generating and monitoring the SOC 1 and 2 program, engaging with key stakeholders. It will ensure that all functions have clear business owners for the points of focus, control objectives and any risks are reviewed and updated regularly. It will assist Safelite working towards a SOC 2 type 2 attestation.
It requires an ability to balance a hands-on approach to security compliance and risk management where necessary, with an ability to self-direct, prioritize and manage work in plus the improving the quality of service provided to Safelite regardless of delivery method (internal or 3rd party) with respect to information security and risk.
Information Security, financial processes, and services within Safelite are maturing and a key part of this role will be to work with the Head of Cyber Risk & Compliance together along with the CISO for North America to help define, regulate, and improve these as part of the virtual security team.
This role forms part of the wider strategic Trust program being developed focusing on the reduction of information risk to Safelite. It requires knowledge of information security activities across technology, process, and governance as well as in depth risk management.
What You'll Do
What You'll Need
What You'll Get
******************************************************************************************************************************************
--
Internal Associates: Already a member of the Safelite team? Apply through your Workday account by searching 'Find Open Jobs'.
Diversity: Safelite welcomes everyone. We value our diverse workforce and suppliers, and we're proud to be an equal opportunity employer. Learn more at Safelite.com/Careers.
Benefit amounts are estimates only. Actual values will depend on benefit elections during enrollment.
This position description is not all inclusive for every aspect of this role. Reasonable accommodation will be made for individuals covered by ADA, ADEA, FMLA and other laws and regulations in accordance with their requirements. Physical and mental demands are not and should not be construed to be job qualification standards, but are illustrated to help the employer, employee and/or applicant identify tasks where reasonable accommodations may need to be made when an otherwise qualified person is unable to perform the job's essential duties because of an ADA disability. Other qualifications may be required to ensure employment eligibility in accordance with local laws and regulations and with Safelite Group, Inc. policies and practices.
--