.
*join a team recognized for leadership, innovation and diversity*:the role works with honeywell global security (hgs) & honeywell businesses in support of the security policy program.
this role involves interfacing with hgs, enterprise it and business leaders and staff to ensure overall security policy program objectives are executed consistent with program expectations and support the business and regulatory requirements and meet honeywell quality standards.the role is responsible to drive the execution of policy program tasks with an emphasis on policy assurance tasks including gap assessments and controls development.
this position will have significant impact security policies, standards and baselines across the entire enterprise as it sets the guardrails to protect company while meeting business goals & objectives.
*key responsibilities*:- establish information security policy and ensure its updated in alignment with new security requirements- conduct regular controls mapping gap assessment on security pol/std against regulatory/industry frameworks (nist 800-171, nist 800-53, iso 27001/27002, sox, pci, cmmc, fed ramp, csf)- review gaps/risk identified during control assessment and partner with stakeholders to drive remediation on time.- manage control framework in grc tool (snow) and ensure its up to date- manage highly collaborative efforts for creating and implementing controls against global information security policies,- standards, and baselines.- create content and conduct training and awareness on security policies, standards, and baselines as well as security- awareness topics to drive best practices across the enterprise- partner with multiple cross functional teams (security architecture)- participate in the technical evaluation possible impact on systems & network security- provide technical security requirements in support of the advancement and currency of security policies, standards, and- baselines- leadership exposure to demonstrate need of security posture with proven facts and hands on experience- experience to present large audience group and drive effective conversation.- preferred to have leadership exposure at cio's/ctos/cso/psc/cipso- participate in the technical evaluation possible impact on systems & network security- provide technical security requirements in support of the advancement and currency of security policies, standards, and baselines*you must have*:- bachelor's degree- global role exposure and able to translate security controls requirements to stakeholders- minimum 7 years of professional experience in the area of it/ cyber-security- must work well independently but also drive cross-functional teaming successfully to avoid bottlenecks*we value*:- preference will be given for the following certifications: cisa, cism, cissp and ccna- engineering degree, including a master's in information security is a plus