• Manage and maintain the global IT Security Awareness program.
• Create security awareness training necessary to ensure the adherence to the company’s policies, standards and overall security controls.
• Develop anti-phishing campaigns, track global metrics and identify areas for improvement.
• Conduct training and other awareness activities to ensure global IT sites are compliant.
• Assist in evidence gathering for ITGC SOX controls including S4 SAP, updates annual control book, identifies gaps, and work with control owners to remediate deficiencies.
• Interpret audit results and works with key stakeholders to remediate findings.
• Work with different teams within Corporate and site IT resources to effectively manage their respective controls and security-related activities.
• Assist in the creation, review, and provide periodic updates to IT Policies and Standards.
• Deliver expert advice and update KPIs regarding the security status of the company’s environment.
• Provide guidance on the latest security practices, tools, and technology.
• Assist in the development and maintenance of the company’s Vulnerability Management Program.
• Establish, implement and conduct key periodic reviews over privileged accounts.
• Implement Microsoft security and compliance controls.
• Configure, track and maintain vulnerability management compliance reports.
• Identify and share recommended remediation for zero-day and critical vulnerabilities.
• Participate in monthly patch review meetings.
• Identify global IT risks, organize IT Risk Review Meetings, assist in the creation of the agenda, maintain issue log and ensure issues are mitigated or closed timely.
• Actively track and communicate restraints, conflicts or gaps in existing processes as well as cross-functional team remediation.
• Perform security cloud assessments and develop and implement cloud security controls.
• Monitor and track best practices and emerging compliance changes/impacts for continuous improvement opportunities.
• Ensure the company handles personal data safely, responsibly and follows all applicable data protection and privacy laws, including the EU General Data Protection Regulation ("GDPR").
• Assist the company’s management teams to resolve data security and privacy issues.
• Partner across multiple teams to build and improve the compliance framework for developing and deploying IT systems, infrastructure and policies that adhere to standard privacy practices.

Required Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or related field of study
• 3 years of experience in any job title/occupation/position in a combination of IT Risk assessment, IT Controls, Access Management, or IT Security fields
• 3 years of experience working with cross-functional SaaS applications and databases to provide security guidance and assist in the development of best security practices and controls
• 3 years of experience with IAM Solutions
• 2 years of experience with Microsoft Enterprise Security, Vulnerability Management applications, Windows, Unix and Linux operating systems, Active Directory, and Privileged Access Management (CyberArk)
• 2 years of experience with Network Security and Incident Response
• 1 year of experience working with 3rd party vendor risk assessments and SOC 1 and 2 report review
• Experience working with S/4 HANA and SAP GRC
• At least one of the following certifications: CRISC, CISA, CISSP, or CEH

Preferred Qualifications:

• NA

Work Location: 2929 Walnut Street, Philadelphia, PA 19104