Security Client and Vendor Compliance Lead

The Security Client and Vendor Compliance

Lead will manage compliance and oversight

accountabilities for third party service providers (vendors). This

leader will implement and manage boarding / due diligence required

for third party service providers and ensure operating

effectiveness over time. Oversee internal and external security

audits, ensuring remediation plans for identified issues are

executed effectively as well as monitor emerging regulations and

compliance trends to maintain up-to-date practices. Coordinate with

regulatory bodies, auditors, and other stakeholders on security

risk-related matters.

This role will drive a

culture of continuous improvement for security compliance

practices, benchmark the organization's compliance performance

against industry peers, and foster innovation in security

compliance to address emerging

threats.

Key

Responsibilities

Engages

with Cox business leaders to ensure understanding and support of

security compliance strategy, priorities and

initiatives

Collaborates with the team on

effective roadmap development and governance for global initiatives

related to security awareness, policy development, client and

vendor compliance and overall process

improvement

Establish, maintain and communicate

CAI security policies related to third party service providers.

Partner with cross-divisional counter parts to ensure alignment,

where appropriate, across all Cox

divisions.

Serve as the liaison with External

Auditors, Internal Audit, on all significant Compliance issues

involving third party service providers.

Manage

all contractual security requirements for third party service

providers and present compliance reports to the leadership and

executive team

Provide oversight and guidance

over the assessment of broad complex issues, structures potential

solutions and drive effective resolution with other senior

stakeholders.

Minimum

Qualifications

Bachelor's

degree in a related discipline and 6 years' experience in a related

field. The right candidate could also have a different combination,

such as a master's degree and 4 years' experience; a Ph.D. and 1

year of experience; or 18 years' experience in a related

field

Proactively builds, nurtures and

maintains business-focused, long-term working relationships with

partners inside and outside of the organization. Demonstrates

flexibility when forming and adjusting partnerships to achieve

broader goals. Shows willingness to work across boundaries to

achieve outcomes addressing business, customer and partner goals

and expectations. Demonstrated strong executive presence and

communication skills.

Direct oversight of

managing external attestations such as SOC1 / SOC2 Reports, as well

as managing compliance with GLBA, PCI DSS,

GDPR

Direct experience managing and redlining

contractual security requirements and interacting with

legal.

Direct experience with managing

international compliance requirements in

Europe

Effective negotiation skills, a

proactive and 'no surprises' approach in communicating issues and

strength in sustaining independent views. Strong presentation and

relationship management skills are

essential

Articulate and effective

communicator, both orally and in writing, with an energetic,

charismatic and approachable style. Candidates must have effective

persuasion skills, the ability to work effectively at the highest

levels of the organization, and will display highly effective

networking and influencing

skills

Preferred

Qualifications

Ability to

make strategic decisions, supervise complex programs, manage and

educate highly skilled professionals, and influence other

departments relating to security risk and

control.

Solid, pragmatic business acumen with

a proven record of creatively solving problems and offering

solutions.

Consultative nature to work through

controversial or complex topics to employees, leaders, and / or

senior leadership.

Ability to manage multiple

complex projects while meeting all deadlines and manage leaders of

teams to achieve optimal results.

Develop

strong and productive working environment with key stakeholders and

collaborate closely with other Cox entities' security teams to

implement security best practices.

Relevant

industry certification : CISSP, CEH, OSCP, Azure, AWS, CISM, CISA,

etc.

USD 108,800.00 -

181,400.00 per

year

Compensation : Compensation

includes a base salary of $108,800.00 - $181,400.00. The base

salary may vary within the anticipated base pay range based on

factors such as the ultimate location of the position and the

selected candidate's knowledge, skills, and abilities. Position may

be eligible for additional compensation that may include an

incentive

program.

Benefits : The

Company offers eligible employees the flexibility to take as much

vacation with pay as they deem consistent with their duties, the

company's needs, and its obligations; seven paid holidays

throughout the calendar year; and up to 160 hours of paid wellness

annually for their own wellness or that of family members.

Employees are also eligible for additional paid time off in the

form of bereavement leave, time off to vote, jury duty leave,

volunteer time off, military leave, and parental

leave.

Applicants must currently be authorized

to work in the United States for any employer without current or

future sponsorship.