Sr. Manager Information Security Risk - PVH Corp.

Recruiter
PVH
Location
Bridgewater, New Jersey, United States of America
Posted
06 Apr 2022
Closes
20 May 2022
Ref
PVH1USR24113WDINTERNALENGLOBALEXTERNAL
Function
Technology
Hours
Full Time
POSITION SUMMARY:

The primary purpose of this position is drive the governance, oversight and decision making related to business processes from a security risk perspective. This role will explicitly work with business and IT executives in various capacities across our brands and assess security risk. This role has a significant leadership impact on building, enabling and advancing the Information Security Governance, Risk & Compliance processes and capabilities across PVH brands and business units. It is a requirement of this position to operate in a leadership capacity and influence at multiple levels across business teams. This role will actively drive security leading practices across our brands. It will facilitate a balance between the need to protect the organization and the need to run the business.

PRIMARY RESPONSIBILITIES/ACCOUNTABILITIES OF THE JOB:
  • Operate in a leadership capacity to drive security leading practices for business initiatives.
  • Advise the business units on a day-to-day basis and act as the primary liaison between the Information Security Group and PVH's brands.
  • Champion thought leadership to business units around emerging digital risk areas, including information security and privacy
  • Influence PVH's business strategies by providing subject matter expertise on security risks within emerging digital areas of focus, including advertising and marketing, data analytics, CRM, ecommerce, retail, supply chain, and mobile technologies
  • Identify, establish and maintain relationships with key business stakeholders to govern security risk areas on a regular basis.
  • Support a team to assess vendor risk across the region; including facilitation of strategic vendor meetings and provide guidance around potential security risk impact to business partners.
  • Support governance & prioritization of security requirements across business units related to Digital Transformation projects
  • Collaborate with key Legal, Privacy, and IT teams to promote security initiatives, best practices, and general security awareness within the business.
  • Define and document the on-going development of the Security Risk methodology & toolkit to enhance service delivery and increase business adoption.
  • Support development of the information security strategy based on business priorities, digital transformation projects and upcoming digital trends.
  • Be a champion on developing and maintaining a risk register to report on risk indicators across all forms of management.
  • Maintain knowledge of emerging security risks by attending educational workshops, seminars and reviewing publications.

QUALIFICATIONS & EXPERIENCE:

Experience:
  • 6-8 years of experience working in a Security Governance, Risk and Compliance role with at least 2+ years dedicated to risk assessments and metrics.

Education:
  • College degree is required, preferably in marketing, communications, or ecommerce related fields of study
  • Post-Graduate or relevant certifications are considered a plus.

Skills
  • Knowledge of risk management frameworks and GRC tools
  • Knowledge of business impact analysis or in communicating risk impact to executives
  • Knowledge of emerging digital technologies, such as cloud, Internet of Things, big data, mobile, and omni-channel
  • Knowledge of social media marketing technologies (Facebook, Instagram, WhatsApp, WeChat, etc.)
  • Knowledge of the tools and techniques of data modelling and governance
  • Prior experience across vendor risk management is a plus- identification, assessment, remediation and treatment.
  • Strong communication and influencing skills
  • Strong presentation skills
  • Strong problem solving skills
  • Strong acumen for confidentiality and protection of data
  • Self-Starter
  • Professional and cooperative attitude
  • Team player, able to work and communicate effectively with other members of the business and security teams.
Other
  • Prior knowledge or involvement with data privacy regulations (GDPR, CCPA)
  • Candidate will be required to submit to background check (pre-employment, criminal, credit history and references)
  • Candidate will be required to be sensitive to PVH confidential and proprietary information.

INTERNAL & EXTERNAL CONTACTS:

Internal:

Candidate will interact with various business units across the PVH North America brands

External:

This position will be required to interact with external vendors, venture capitalist companies, and incubators as part of their research into various solution providers in partnership with PVH's business units and brands.

#LI-BC10

PVH Corp. or its subsidiary ("PVH") is an equal opportunity employer and considers all applicants for employment on the basis of their individual capabilities and qualifications, consistent with applicable law and without regard to race, color, sex, gender identity or expression, age, religion, creed, national origin, citizenship status, sexual orientation, genetic information, physical or mental disability, military status or any other characteristic protected under federal, state or local law. In addition to complying with all applicable laws, PVH also has a strong corporate commitment to inclusion, diversity and to ensuring that all current and future PVH associates are compensated solely on job-related factors such as skill, ability, educational background, work quality, experience and potential. To achieve these goals, across the United States and its territories, PVH prohibits any PVH employee, agent or representative from requesting or otherwise considering any job applicant's current or prior wages, salary or other compensation information in connection with the hiring process. Accordingly, applicants are asked not to disclose this salary history information to PVH