Policy Management Specialist (Security Risk & Compliance)
About the job
Job Description
The Policy Management Specialist is a crucial role within the Security Risk & Compliance (GRC) team. This individual will lead the end-to-end security policy management function, including policy creation, modification, and annual attestation. They will also play a key role in Security Awareness Training (SAT) by developing and delivering training content, managing onboarding and refresher programs, and leading phishing campaigns. The ideal candidate will have extensive experience managing security policy programs, creating new policies and standards, and facilitating annual policy attestation cycles. Strong communication and collaboration skills are essential for this role.
Must have:
- Direct experience managing Security Policy programs
- Experience creating new policies and standards
- Experience with Archer GRC Tool
- Strong communication skills
- Ability to collaborate across departments
- Experience in developing and maintaining secure architectures
Good to have:
- Experience with SAT platforms like ProofPoint, KnowBe4, OneTrust, Archer
Not hearing back from companies?
Unlock the secrets to a successful job application and accelerate your journey to your next opportunity.
Leads the security policy management function within GRC end-to-end.
-Responsible for running policy workshops to triage policy intake request for the modification and/or creation of new policies, control standards, and procedures. This may also include troubleshooting ownership issues, or anything related to policies such as correlation to compliance frameworks, risks or general cybersecurity events and evolution.
-Responsible for facilitating the annual policy attestation cycle where owners must leverage the GRC tool, Archer to sign off or modify their control statements. This includes working together with partners across the organization who need support navigating the intricacies of policy management.
-Supporting all issues related to policy management.
-POC for everything Policy Mgmt. within GRC and for partnering areas.
-Setting long term goals and strategies to evolve policy mgmt.
Supports the Security Awareness Training (SAT) function within GRC end-to-end.
-Responsible for security onboarding for all new recruits as well as annual security refresher training. This includes maintaining current content, creation of new content, leveraging our tools for content changes and working with learning center management peers.
-Lead for National Cyber Security Awareness Month. This includes creation of the schedule of events, and executing the plan – workshops, webinars, training, games, prize, tech talks etc.
-Lead for hosting phishing program and campaigns to increase employee vigilance. This includes creating the plans, testing, prepping with technical areas to ensure conflicts don’t arise, analyzing the data during and after the phishing campaigns. This also includes fixing any and all issues that may arise regarding tool conflicts, false positives etc.
-Familiarity with common SAT platforms such as ProofPoint, KnowBe4, OneTrust, Archer etc.
-Lead for ad-hoc training and role-based training per utilized SAT platforms. Expand upon SAT program to host periodic training by function, group etc.
-Support other areas who rely on security training or awareness needs.
Required Skills
- Direct experience managing Security Policy programs or directly supporting them within a security or IT team. Experience creating new policies and standards as well as modifications to policies and standards as needed for various compliance and regulatory purposes.
- Experience with creating long term strategizes for the organization of Policy Mgmt. frameworks to govern internal processes with all employees.
- Strong understanding of Archer GRC Tool. Development is not a must but navigation is.
- Strong communication skills, ability to navigate across departments and network with various employees across the department to solve issues, host trainings, run meetings and workshops etc.
- Supports the maturity of Governance function.
- Develops documentation related to GRC Platform.
Required Experience
- Minimum of 5-8 years of practical information security experience in developing and maintaining secure architectures for large enterprises is preferred.
- Discover your inner Racker: Racker Life
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
View Full Job Description
Add your resume
80%
Upload your resume, increase your shortlisting chances by 80%
Similar Jobs
Rackspace Technology, Mexico (Remote)
Rackspace Technology, Germany (Remote)
Mixmob, Canada (Remote)
CloudHire, India (Remote)
Google, (On-Site)
Unity, Denmark (On-Site)
ION, Italy (On-Site)
PwC, India (On-Site)
Carmeuse, India (Hybrid)
PwC, Argentina (On-Site)
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
Riot Games, United States (On-Site)
Rackspace Technology, United States (Remote)
Notion, India (On-Site)
Rackspace Technology, United States (Remote)
Notion, United States (On-Site)
Voodoo, France (On-Site)
Notion, Ireland (On-Site)
Rackspace Technology, Canada (Remote)
GrowthX®, India (On-Site)
Rackspace Technology, United States (Remote)
Get notifed when new similar jobs are uploaded
Jobs in Aguascalientes, Aguascalientes, Mexico
HP, Mexico (On-Site)
Salesforce, Mexico (On-Site)
PwC, Mexico (On-Site)
Luxoft, Mexico (Remote)
Warner Bros Discovery, Mexico (On-Site)
Nagarro, Mexico (Remote)
Publicis Groupe, Mexico (On_site)
Youtooz, Mexico (On-Site)
Rackspace Technology, Mexico (On-Site)
Nielsen Holdings, Mexico (Hybrid)
Get notifed when new similar jobs are uploaded
Cyber Security Jobs
ByteDance, Singapore (On-Site)
ION, Italy (On-Site)
PwC, Argentina (On-Site)
State Street, India (Hybrid)
PINKERTON | Comprehensive Risk Management, India (On-Site)
LeoVegas, Sweden (Hybrid)
Anavation, United States (On-Site)
PwC, India (On-Site)
Infoblox, United States (Hybrid)
ARHS, Luxembourg (On-Site)
Get notifed when new similar jobs are uploaded
