IT Manager Security

The GRC Manager position is part of the Global Information Security organization within Sylvamo IT organization. The position has global responsibility for managing, directing and support of IP’s governance, risk, compliance, and user education technologies, services and activities.

Remote work is possible.
The key actions, outputs, deliverable, products and services include:

- IT Risk Governance service delivery, support and management.
- Management and definition of the Security Awareness Program for the company including Phishing campaigns and metrics
- Management of the Policies, Standards, and Procedures
- Management of Risk Assessments
- Management of Compliance
- Management of Data Privacy, Data Protection and liaison with Legal on Privacy matters
- Identification, establishment and sustainment of Risk Governance and Risk management as it pertains to Cyber Security
- High quality, reliable, stable, and persistently available Risk Governance technologies and services, worldwide.

**Key Accountabilities**:

- Management, administration, maintenance and support of all Governance, Risk and Compliance technologies and services (end-to-end).
- Manage the technical team responsible for security awareness, compliance and risk management processes and oversee the development, implementation and support of Sylvamo’s enterprise security governance program globally. This includes user training and awareness for all employees and contractors, policy lifecycle management, Compliance, risk assessments, and governance programs such as metrics and reporting.
- Direct the establishment and continuous improvement of governance processes to ensure day-to-day operational stability.
- Development and execution of applicable IT risk standards and processes.
- In partnership with Global Sourcing, select and manage vendors needed for GRC processes (Awareness, Risk management, Compliance)
- In partnership with Legal and other organizations, establish and maintain Data protection, Data Privacy and Data Governance processes
- Development and annual facilitation of applicable Disaster Recovery / Business Continuity solutions and exercises.
- Establish and maintain applicable Enterprise Service Levels (SLAs).
- Strategy and Innovation Leadership
- Provide strategic direction relative to the implementation/use of security governance technologies and solutions at Sylvamo.
- Understand the implications of training and compliance processes across geographic and language boundaries.
- Understand implications of Data centric protection and governace

**Knowledge and Experience**:

- Bachelor’s Degree in Information Technology, Computer Science or a related discipline or equivalent work experience
- 5+ years experience in a management/leadership role
- 7+ years of IT/Information Security work experience
- 4+ years IT business analysis and design experience with exposure to customers.
- Proven leadership skills with the ability to manage staff, manage conflict, deal with ambiguity, negotiate and make timely decisions
- Prior experience interfacing with customers, managing supplier relationships and managing projects through the phases of the project delivery lifecycle from process design through production support.
- Excellent communication skills with demonstrated ability to write clear, concise business communication for multiple levels (management, technical, and user).
- Security Certification preferred: CISSP, CISM, GIAC or CISA.
- Customer Focus
- Building Effective Teams
- Developing Direct Reports
- Business Acumen
- Planning; Priority Setting
- Process Management
- Managing through Systems
- Managing and Measuring Work
- Political Savvy
- Command Skills
- Managing Vision and Purpose
- Technical Savvy
- Written Communications
- Presentation Skills