Lead Security Analyst, Policy Controls & Risk Remediation
Description:
At Bath & Body Works, everyone belongs. We are committed to creating a culture of belonging focused on delivering exceptional fragrances and experiences to our customers. We focus on recruiting, retaining, and advancing top talent. In addition, we work to improve our communities and our planet to help the world live more fully.
This individual contributor position will lead our global enterprise cyber security risk management program. Cyber Security sits within the Information Technology team as an integral part of the Bath & Body Works business. You will develop, design and deliver documentation, processes and services that ensure successful enterprise delivery of cyber security policies, risk management taxonomies, control catalogs, risk register management, and issues and remediation governance. This role is vital to ensuring that Bath & Body Works operates within its Cyber Security risk tolerance and risk management requirements. You will work extensively with internal and external business and technology partners from entry-level to senior executives in all areas of the business. If you love tackling challenges, helping grow programs, and fostering collaboration, this is the role for you.
Responsibilities:
Research, develop, write, communicate, and maintain Cyber Security Policies, Standards and Procedures.
Deliver Risk Management Framework Governance to ensure consistent delivery across enterprise systems.
Actively monitor, maintain, and enhance our Control Catalog and Control Frameworks to ensure alignment with business plans, technology roadmaps, and industry control frameworks relevant to retail and our business model.
Manage our Risk Register to ensure completeness and accuracy of risks to ensure appropriate risk profiling and risk management prioritization and reporting for leadership.
Lead managed security services team to deliver Issues and Remediation Governance and Reporting to ensure relevant issues are captured, tracked, correctly scored, communicated to appropriate stakeholders, and monitored for fixing on committed timeframes.
Work with third party assessor to facilitate annual cybersecurity program maturity assessment to deliver continuous monitoring and improvement of program capabilities.
6+ years of experience in information security and risk management.
Experience building and maintaining partnerships with business and technology teams that deliver results and outcomes in line with risk tolerance and risk management expectations.
Experience delivering solutions, solving problems, and delivering documentation that meet business requirements - from concept, to design, to implementation, through post
implementation support, and on-going operations.
Experience working, influencing, and delivering requirements and successful outcomes in line with risk frameworks, compliance expectations, and governance risk and compliance technologies and processes.
Experience multi-tasking and prioritizing deliverables and managing expectations across multiple simultaneous projects, teams, and individuals.
History of learning and expanding your own skills and adapting to new and changing environments
Salary Target: 155k + Bonus
Core Competencies
Lead with Curiosity & Humility
Build High Performing Teams for Today & Tomorrow
Influence & Inspire with Vision & Purpose
Observe, Engage & Connect
Strive to Achieve Operational Excellence
Deliver Business Results
Benefits
Bath & Body Works associates are the heart of our business. That’s why we're proud to offer benefits that empower you to Dream Bigger & Live Brighter. Benefits for eligible associates include:
Robust medical, pharmacy, dental and vision coverage. Plus, access to our onsite wellness center and pharmacy located at the Columbus, OH home office.
401k with company match and Associate Stock Purchase with discount
No-cost mental health and wellbeing support through our Employee Assistance Program (EAP)
Opportunity for paid time off and paid parental leave. Plus, access to family and lifestyle programs including a family building benefit, childcare discounts, and home, auto and pet insurance.
Tuition reimbursement and scholarship opportunities for post-secondary education programs
40% merchandise discount and gratis that encourages you to come back to your senses!
Visit bbwbenefits.com for more details.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required.
We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws. Please see links: Los Angeles Fair Chance In Hiring Ordinance, Philadelphia Fair Chance Law, San Francisco Fair Chance Ordinance.
We are an equal opportunity action employer. We do not make employment decisions based on an individual’s race, color, religion, gender, gender identity, national origin, citizenship, age, disability, sexual orientation, marital status, pregnancy, genetic information, protected veteran status or any other legally protected status, and we comply with all laws concerning nondiscriminatory employment practices. We are committed to providing reasonable accommodations for associates and job applicants with disabilities. Our management team is dedicated to ensuring fulfillment of this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, associate activities and general treatment during employment. We only hire individuals authorized for employment in the United States.
Application window will close when all role(s) are filled.