Emea Governance Risk - London, United Kingdom - Careers In Group

Careers In Group

Verified Company

London, United Kingdom

3 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

At Deckers Brands we don't just create shoes, we create lifestyles. We are about opportunity. Opportunity to create, to grow and to have an impact. We want all our people to be as successful as they can be, to reach their full potential.

We want to positively impact the world, whether that be with our Be Good, Do Good community involvement, or through employing sustainable business practice and socially responsible operations.

How we continue this journey is down to our 3,000 strong globalteam, across our five brands (UGG, Hoka, Teva, Sanuk and Koolabura by UGG).

No matter where you are based within our team, we are committed to helping our people thrive. We will offer you a generous employee benefits package, as well as health, wellness, andcareer development support.

COME AS YOU ARE
We believe that the company you build is defined by the company you keep. We believe that a diverse, inclusive culture drives creativity and success.

We believe that open hearts and minds together can unleash the potential of a brilliant mix of people—in everycorner of Deckers.

We strive to create a workplace that values ALL people, where we embrace differences, and everyone feels empowered to bring their full, authentic selves to work.

Because the more perspectives we share, the better we can be.

The Role

As our GRC (Governance Risk & Compliance) Analyst you will thrive on identifying and mitigating risks, establishing control standards, and addressing data privacy compliance requirements.

Information Security team members work closely with Application Development,Operations groups, and business stakeholders across Deckers Brands to ensure that all solutions preserve the confidentiality, integrity and availability of our sensitive data.

You will help with risk identification and mitigation by leveraging risk management methodologies, frameworks, and principles.

Your focus will be on improving and maintaining Deckers Brands' regional compliance efforts in EMEA and APAC, while supporting Globalefforts.

Your Impact:

Provide support and contribute to the Deckers Brands Information Security GRC programs such as: Risk Management, Third Party/Vendor Management, Compliance Management and others
Work with the contract, procurement, and onboarding of new solutions and partners to ensure the third party meets Deckers Brands' 3rd party risk acceptance standards
Perform periodic reviews of 3rd party security certifications and accreditations to ensure Deckers' partners maintain agreed upon security standards
Perform Data Processing Impact Assessments, when necessary.
Recommend, integrate and manage risk management and compliance tooling
Provide metrics and reporting capabilities to assist quantitative compliance dashboards
Ensure that the Global Security Strategy is meeting the security and privacy needs of internal and external customers
Conduct formal risk analysis and selfassessment programs for Deckers Brands and the associated information services systems, processes, and infrastructure
Contribute to the maintenance and update of Deckers library of information security control standards and procedures based on Information Security policies and procedures and industry best practices
Maintain awareness of changes or updates on security control frameworks, compliance laws and statutes and identify the impact to the business and its security posture
Compiles management reports, summary analyses, and detailed presentations to describe risk, controls, and maturity assessments
Troubleshoot and resolve security related GRC and technical issues effectively and efficiently
Provide appropriately detailed and timely followup support with customers (internal and external)
Communicate and promote the awareness of information security, information risk, and privacy to business units, customers and partners
Define and assist in smallscale projects to improve operational efforts
Occasional travel to remote or regional offices may be required

Who You Are:

High level of creativity, quick problemsolving capabilities and strong analytical skills
Excellent written and verbal communication skills
High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
Critical thinker with strong problemsolving skills
Ability to work on multiple projects and meet deadlines by setting priorities with work projects
Ability to establish and maintain effective working relationships with coworkers and clients
High degree of initiative, dependability and ability to work with little supervision.

We would Love to Hear from People with:

Experience in either an internal audit or information security role, or some combination of the two
Experience assisting and/or completing risk assessments for large/enterprise level environments
Educational knowledge or work experience with governance, reporting, and compliance tools, preferably one of the following solutions: ZenGRC, OneTrust, BigID, Service Now GRC, Lockpath
Educational knowledge or work experience with security practices such as security incident response and risk management
Knowledge of common information security management frameworks such as ISO 27001, COBIT, and NIST CyberSecurity Framework

Equal Employment Opportunity
Diversity and inclusion are key to our success.

We are proud to be an equal opportunity employer and our employees are people with different strengths, experiences and backgrounds who share a passion for our brands.

We welcome qualified applicants embracingtheir race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, age, military or veteran status, mental or physical disability, medical condition and all of the other beautiful parts of your identity.