Description
Brambles continues to expand its capabilities in digitizing the pallet pool, and in doing so generates increasingly large amounts of digital data assets. This digitization effort is driven by a central “Digital” function, alongside the Global Cyber team.
The Data and Digital Cyber Leader/Director will report into the global Cyber team (dotted line to Digital leadership) and be responsible for driving overall cyber security compliance across the Digital organization, partnering with the multiple Digital and Technology Service teams to ensure appropriate and effective cyber controls and compliance is achieved, across all digitally designed and run platforms, hardware, software, interfaces, and 3rd party capabilities. Effectiveness will start with developing a thorough understanding of our digital business and solutions, extend to driving evaluation and remediation efforts to improve cyber maturity across Digital solutions, and end with ensuring all new solutions and capabilities are secure by design. This leader will take a risk based approach to prioritization and investment, in alignment with the Board approved Cyber Strategy, and ensure choices and investment are clear with respect to cyber needs across the Digital space.
In addition, this leader will partner closely with the Global Privacy Office and Data Management teams to drive overall Data Loss Prevention and Data Protection across Brambles as a whole. This will include evaluating and implementing new people, process, and technology to better manage Data Loss Prevention at scale, and ensuring appropriate protections and controls are in place in tracking, managing, and protecting Brambles data.
Key Accountabilities
Digital:
1. Work closely with the Digital business globally to review, evaluate, interpret, influence, and provide leadership on proposed and enacted cyber protections and capabilities and industry-best practices in their jurisdictions. Amongst other things, this will require working closely with relevant stakeholders to identify and address cyber controls and data security issues or concerns in new or existing processes, products and services, and IT systems/software and carrying out formal assessments and, where appropriate, drive change where change is needed.
2. Act as the primary security contact, collaborating with business and IT leaders to balance risk/reward to improve security in IT applications and third-party engagements, developing deep understanding of business processes, systems, technologies, data, stakeholders and third-party partners.
3. Partner with Compliance, Legal, IT resources to achieve effective working relationship that can further the effectiveness of the Information Security Program.
4. Advocates for required change and continuously manages policy and standards exceptions program. Leads discussions and answers complex cross-functional policy and standards questions, forecasting best practice in policy.
5. Support implementation of Governance, Risk, and Compliance (GRC) and third-party security toolset for the Digital organization. Ensures collaboration with GRC stakeholders.
6. Contributes to and aligns risk programs with the NIST CSF based information security program.
7. Communicate, oversee and carryout technical implementation of security solutions required to meet business objectives.
Data:
8. Define and drive the global Data Protection and Data Loss Prevention program to ensure all sensitive Brambles data is appropriately protected, especially when shared outside of the company.
9. Engaging collaboratively with application development, data protection, information security, and risk management teams to understand and implement data security solutions.
10. Supporting vendor assessments, including proof of concepts & security technologies research
Experience
11. At least one Information Security certification such as CISSP, CRISC, CISM, CISA, etc.
12. Commercial experience of working in hands-on, functional Information Security roles.
13. Hands on data security experience and/or Audit/Risk.
14. Security program development or operations experience.
15. Demonstrated experience leading data privacy programs for multinational corporations.
16. Experience driving large-scale programs, leading and executing cross-business or cross-function initiatives, defining solutions and demonstrating impact or value based on metrics.
17. Experience reviewing compliance, mitigating risk and advising senior leadership on privacy laws and regulations, such as GDPR.
Remote Type
Hybrid Remote
Skills to succeed in the role
Adaptabilité, Cyber Threat Detection, Cyber Threat Mitigation, Développement de stratégie, Développement de talent, Direction inclusive, Engagement avec les parties concernées, Établissement des priorités, Feedback, Gestion des incidents, Gestion des risques de cyber sécurité, Gouvernance de la sécurité, Innovation, Intelligence émotionnelle, Learn From Mistakes, Littératie numérique, Mentorat, Motiver les équipes, Planification de la réponse aux incidents, Prise de décision fondée sur les données, Travail interfonctionnel
We are an Equal Opportunity Employer, and we are committed to developing a diverse workforce in which everyone is treated fairly, with respect, and has the opportunity to contribute to business success while realizing his or her potential. This means harnessing the unique skills and experience that each individual brings and we do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state, or local protected class.
Individuals fraudulently misrepresenting themselves as Brambles or CHEP representatives have scheduled interviews and offered fraudulent employment opportunities with the intent to commit identity theft or solicit money. Brambles and CHEP never conduct interviews via online chat or request money as a term of employment. If you have a question as to the legitimacy of an interview or job offer, please contact us at