*join a team recognized for leadership, innovation and diversity*:
the role works with honeywell global security (hgs) & honeywell businesses in support of the security policy program.
this role involves interfacing with hgs, enterprise it and business leaders and staff to ensure overall security policy program objectives are executed consistent with program expectations and support the business and regulatory requirements and meet honeywell quality standards.
the role is responsible to drive the execution of policy program tasks with an emphasis on policy assurance tasks including gap assessments and controls development.
this position will have significant impact security policies, standards and baselines across the entire enterprise as it sets the guardrails to protect company while meeting business goals & objectives.
*key responsibilities*:
- establish information security policy and ensure its updated in alignment with new security requirements
- conduct regular controls mapping gap assessment on security pol/std against regulatory/industry frameworks (nist 800-171, nist 800-53, iso 27001/27002, sox, pci, cmmc, fed ramp, csf)
- review gaps/risk identified during control assessment and partner with stakeholders to drive remediation on time.
- manage control framework in grc tool (snow) and ensure its up to date
- manage highly collaborative efforts for creating and implementing controls against global information security policies,
- standards, and baselines.
- create content and conduct training and awareness on security policies, standards, and baselines as well as security
- awareness topics to drive best practices across the enterprise
- partner with multiple cross functional teams (security architecture)
- participate in the technical evaluation possible impact on systems & network security
- provide technical security requirements in support of the advancement and currency of security policies, standards, and
- baselines
- leadership exposure to demonstrate need of security posture with proven facts and hands on experience
- experience to present large audience group and drive effective conversation.
- preferred to have leadership exposure at cio's/ctos/cso/psc/cipso
- participate in the technical evaluation possible impact on systems & network security
- provide technical security requirements in support of the advancement and currency of security policies, standards, and baselines
*you must have*:
- bachelor's degree
- global role exposure and able to translate security controls requirements to stakeholders
- minimum 7 years of professional experience in the area of it/ cyber-security
- must work well independently but also drive cross-functional teaming successfully to avoid bottlenecks
*we value*:
- preference will be given for the following certifications: cisa, cism, cissp and ccna
- engineering degree, including a master's in information security is a plus.
- significant experience in information security domain including strong understanding of information security best
- practices, industry control frameworks, processes and solutions
- extensive hands-on experience with internet firewall, dmz, extranet, vpn, intrusion detection and forensic technologies.
- experience and knowledge of all windows platforms, aix, solaris, hp-ux and linux
- significant experience and understanding of the tcp/ip protocol suite, routing, switching, and bridging in lan/wan multi-national environments.
- experience in maintaining common it technologies such as firewall, vpn, pki, e-business and web technologies, vulnerability & risk assessment, intrusion detection, event correlation tcp/ip, snmp.
- intermediate knowledge of it security industry compliance frameworks (example: nist 800-53, iso 27001/2).
- knowledge and/or experience with process improvement and quality control methodologies such as six sigma a plus
- a self-starter, with limited supervision & be able to work effectively in a global diverse environment
- experience in it risk & compliance
*additional information*:
- *
job id*:req335883
- *
category*:information technology
- *
location*:av.
salvador nava martinez 3125,san luis potosi,san luis potosi,78260,mexico
- exempt