Description

Position Purpose

The Security Services Delivery Lead will establish, lead, and deliver the overall Security program portfolio for the company, including program updates, metrics management, PMO oversight, Training and Awareness, Data Protection, GRC, and general security evangelism across the enterprise. This is an exciting role to define and drive total employee involvement in corporate security initiatives, while delivering transformational security improvement across multiple areas of scope as a true change agent for the enterprise.

Major / Key Accountabilities

Deliver excellence in Security program delivery, data protection, and training & awareness across the Brambles enterprise. Maintain strong partner relationships, evangelize information security, advise senior leadership and key partners on cyber risks.  Operationalize and improve security governance structure and reporting, both operational and for security committees and management teams, partnering across functions, regions, and various external teams involved.   Coordinate project assurance of key initiatives, and perform risk management, in strict alignment and collaboration with other teams in TS and beyond (e.g. Risk & Assurance, Supplier and Customer security audits, Cybersecurity assessments, etc), with the biggest purpose to enable the Business via cyber strategy deployment.  Support the design and the implementation of a Cyber Risk Program, with technology, process, and organizational components, by taking into account e.g. insights from project assurance (e.g. in terms of recurrent security gaps and deficiencies), key business strategy elements, Cyber Threat Intelligence insights, etc., in order to increase cybersecurity maturity and business resilience; correlate CRP implementation progress to Cyber Maturity Index increase (NIST, etc). Support Information Security Assessments across locations, applications and security processes, in order to identify security gaps, perform risk management, and define risk-reduction actions to be implemented by teams within and beyond TS.  Work with global teams to ensure policies, standards, and control frameworks consider regional/market nuances responding to local laws, regulations, and other local requirements.  Strengthen ownership and awareness of Information Security through continuous trainings and awareness campaigns globally. Lead and drive the overall Cyber data protection program including data classification, data loss prevention, and data residency. Lead internal scorecard and metrics management program indicating health and success of the overall cyber program. Develop security training and awareness content. Identify new partners to help deliver content in an engaging way. Appropriate reporting including security knowledge assessments, training completion rates. Champion new security tooling, and effective change management. Create and maintain strong relationships throughout the business to foster a “change champions” support pool. Maintain a good understanding of security techniques and terminology to be able to fluently articulate security concepts in a simple to understand way. Provide recommendations for additional security solutions or enhancements to existing controls, based on feedback from wider business contacts. Ad-Hoc Support in Security Incident Response Team (SIRT) in the identification, containment, eradication, and resolution of security issues. Ad-Hoc support for requests from business contacts in local time zones to provide a global support framework.

Qualifications

Bachelor's or advanced degree in a relevant field (e.g., Information Security, Risk Management, Business Administration). Proven experience in change management and risk governance. Strong knowledge of relevant regulations and industry standards. Effective as a change agent and influencing across organizations and regions. Experience in interacting, presenting and working with top management in both domestic and international corporate environments to engage team members, drive decisions and communicate effectively.  Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies, and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels.  Strong influencing and negotiation skills and diplomacy.  Strong leadership skills and ability to lead and empower multi-functional, interdisciplinary and multi-geographical teams to achieve tactical and strategic goals.  Experience implementing information security programs in a global environment. Relevant certifications, such as CISSP, CISM, or GIAC are preferred, or willingness to pursue. Experience working in a manufacturing environment, preferred. Experience with global security and privacy standards and regulations such as GDPR and CCPA is a plus. Global company experience.

Experience

Excellent program management, prioritization, and organizational skills. Progressive leadership roles and relevant experience as a team lead in various Information and Cyber security disciplines supporting company information security departments.

Skills and Knowledge

Change agent for transformational programs. Security evangelist at heart. Experience in delivering transformational programs across a global enterprise. Ability to pick up new concepts and domain experience quickly. Data protection and data classification experience. Ability to manage multiple projects and overall service delivery for an organization.

Essential Languages

English

Preferred Education

Bachelors

Preferred Level of Work Experience

7 - 10 years

Remote Type

Hybrid Remote

We are an Equal Opportunity Employer, and we are committed to developing a diverse workforce in which everyone is treated fairly, with respect, and has the opportunity to contribute to business success while realizing his or her potential. This means harnessing the unique skills and experience that each individual brings and we do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state, or local protected class.

Individuals fraudulently misrepresenting themselves as Brambles or CHEP representatives have scheduled interviews and offered fraudulent employment opportunities with the intent to commit identity theft or solicit money. Brambles and CHEP never conduct interviews via online chat or request money as a term of employment. If you have a question as to the legitimacy of an interview or job offer, please contact us at <