Director IT Compliance
Sunbury-on-Thames, United Kingdom | Johnson Controls
Industry: Mechanical / Industrial Engineering
IT / Information Technology
Job Description:
The successful candidate will be a visionary thinker capable of leading large, sophisticated global IT Compliance functions while interacting with the business and technology leaders up to, and including, the Executive Committee and VP/GM levels. This role reports directly to the Johnson Controls Chief Information Security Officer.
The candidate will be able to articulate thoughts clearly, plan initiatives, and execute with appropriate urgency. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven change leader. The candidate will possess a high degree of business acumen and must have a “real world” perspective in order to effectively lead interactions with the leaders in the Business Units.
Leads the IT Compliance team of approximately 5-7 security and compliance professionals.
Provides oversight and manages our obligations in the changing regulatory environment.
Directs the review of regulatory compliance requirements to include analysis of business impact/operational risk assessment for enacted laws/regulations and recommended company compliance actions to ensure regulatory compliance.
Oversees the strategy and processes for evaluating compliance with internal compliance-related policies and standards, industry standards (e.g., ISO 27001, NIST), and regulatory requirements such as PCI, China Cybersecurity Law, UK Cyber Essentials, and support to SOx, GDPR, and CCPA where necessary.
Partners with the Global Privacy Office and other Legal Compliance owners and stakeholders to ensure IT’s overall adherence to their standards and frameworks.
Regularly updates Information Security and IT management on the overall compliance levels of JCI information assets.
What we look for
Knowledgeable security and compliance leader with demonstrated understanding of cybersecurity concepts and practices.
Minimum 10+ years working in one or more major Compliance areas, with 5+ years management / leadership experience.
Experience with PCI-DSS compliance is a plus.
Experience with risk management disciplines and audit/assurance practices.
Strategic leader with demonstrated ability to push compliance requirements in alignment with business objectives.
Excellent verbal, written, and interpersonal communications skills, including the ability to communicate compliance concepts to both technical and non-technical audiences.
Demonstrated ability to effectively facilitate and drive organizational change.
Strong verbal and written communication skills.
Strong interpersonal skills.
Bachelor’s degree in a technical field (Computer Science, Information Systems) or equivalent, master’s degree preferred.
Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent security or compliance certification(s).