Measure process or control risk to inform product and program level risk assessment. Make recommendations to managers and peers on opportunities for risk mitigation based on established risk tolerance.
Design, develop and consistently administer a disciplined, data-driven program that measures, quantifies, presents and manages information security risk and helps determine where investments should be made in order to relentlessly move the security needle.
This role is responsible for overseeing the Global Risk Mining Investigations Team. The Risk Mining team acts in a support role to Investigations, Analytics, and Business teams. The team's core responsibility is detecting and analyzing risky patterns, creating a mitigation plan and implementing the right solution internally or partnering with the appropriate teams.
Change Management & Innovation: Develops and/or influences new ideas/approaches. Establishes procedures, plans and practices which promote the adoption of appropriate solutions and sustainability of desired results in complex operational environments. Develops strategies to enhance decision making.
Work with others to build security controls, secure processes, and write security standards to ensure compliance with legal regulations, corporate policies, and customer commitments and to help raise the bar for data protection in the Services division.
Establishes credibility and maintains strong working relationships with groups involved with payment security and compliance matters (InfoSec, Legal, Business Development, Internal Audit, Fraud, Physical Security, Developer Community, Networking, Systems, etc.).
Assist in the coordination of the Company's SOX compliance efforts by partnering with business and IT process owners within shared services and the Brands, Corporate Audit Services and external auditors, including execution of the project plan, reporting, training and communication.
Responsible for building and influencing security compliance as a core competency throughout our relationships with our internal teams, partners and vendors; this includes providing education and training to the organization.
Deliver monthly and quarterly top global IT risks status reports and scorecard. This includes tracking and monitoring progress of top global IT risks, maintaining and continuously improving the systems and processes in place to measure performance, as well as partnering to drive regular communication of performance metrics.