IT Security Risk and Compliance Analyst

PHINIA: Advancing sustainability today powering carbonfree tomorrow
At PHINIA we create premium fuel systems electrical systems and aftermarket parts for internal combustion engine (ICE) vehicles and industrial applications. We make sure our products are clean efficient and highvalue because we know the actions we take today will have a profound impact on the world tomorrow. Our goal The cleanest ICE technology: carbonfree combustion.
Always PHINIA puts quality first continuing our legacy with over a century of rich expertise and technological innovation. The name PHINIA has roots related to bright and future representing our confidence and commitment to bettering the world.

Our Culture
We believe the health and safety of our employees are a top priority we care about our local communities and the global environment. PHINIA promotes and nurtures a diverse and inclusive environment honors integrity strives for excellence commits to responsibility for our communities and the environment and builds on the power of collaboration.

Career Opportunities
We believe in building a brighter tomorrow for our employees as well as our customers and encourage you to learn about our long history strong culture new technologies and future vision. We offer a strong local presence and interesting global opportunities. Join us on this shared journey toward a brighter tomorrow.

POSITION SUMMARY

This position is responsible to implement and maintain Information Security Compliance program globally. Responsibilities include evaluating Third Party Information Security controls and maturity researching reviewing and recommending the policies controls and procedures for security monitoring and compliance to security frameworks and legal regulations supporting IT and the business on audits or 3rd party compliance programs such as TISAX or Customers Cybersecurity assessments.
The successful candidate will be an excellent communicator with indepth knowledge of the latest industry procedures and regulations.

KEY ROLES AND RESPONSIBILITIES
POLICIES AND PROCEDURES
Create review update and implement the companys Information Technology policies.
Assist in the development and implementation of compliance related processes and/or procedures as it pertains to IT.

AUDITS AND COMPLIANCE PROGRAMS
Providing direct support to IT and represent IT Security on internal and external audit teams where IT inquiry is required.
Facilitate of required testing and auditing activities for the IT Department by internal and external parties leading to successful audits of the company on an ongoing basis
Support the business on 3rd party compliance programs such as TISAX HIPPA or Customers Cybersecurity assessments.
Represent IT Security and partner with HR and Legal teams to identify and manage privacy data protection risks and compliance requirements to help meet stakeholder expectations.

RISK MANAGEMENT
Implement IT Security compliance projects/programs and especially evaluate Third Party solutions and contracts for Information Security controls and maturity. Partner with management business teams Vendors and/or other IT team to develop test or implement risk management strategies and solutions.
Research and recommend remediating controls and identify performance gaps compared to industry best practice to help gain stakeholder buyin
Leverage former experience and industryknowledge network to bring external perspective into the play and apply bestpractices
Prepare and deliver meaningful operational security risk metrics to IT and Business leadership

Education and Experience
Preferred: A fouryear degree in Information Technology with an emphasis in information security.
Required: A Bachelors Degree in Computer Information Systems IT Audit or related field.
5 years Information Technology experience 34 years of experience in Information Security Risk Management or IT Auditing
Working knowledge of common information security management frameworks regulatory requirements and applicable standards such as: ISO 27001 NIST CSF SOX TISAX etc

Core competencies
Strong knowledge in Microsoft Office Application (Word Excel and PowerPoint)
Knowledge of Information Systems security architecture security policies procedures and best practices.
Knowledge of information protection methodologies and concepts such as identification and authentication access control inception and audit trails
Strong Written and Oral English Communication Skills
Strong interpersonal communication and coordination skills and the ability to communicate effectively with a wide range of employees leaders at various levels and other customers.
Ability to deliver outcomes in a global matrix organization with diverse stakeholders and priorities
Ability and desire to solve complex issues/problems
Customer focus

What we offer
We provide compensation and benefits programs intended to attract motivate reward and retain a highly talented globally diverse workforce at all levels within our organization. Our compensation programs are informed by market data and business needs and we are committed to providing equitable and competitive compensation. We are committed to providing our team with quality and competitive benefit programs including health and wellbeing resources familycentric policies and an agile workplace program where not precluded by collective bargaining agreements or national statutory plans. Plans are benchmarked for competitiveness and value.
We provide formal development opportunities at all levels and stages of employee careers. These opportunities are delivered in a variety of formats to make our portfolio of solutions agile sustainable and scalable to support our employees in developing the skills needed to succeed.

What we believe
Product Leadership Innovation that brings value to our customers
Humility Seeking out diverse perspectives and working collaboratively
Inclusivity Recognizing our differences makes us stronger; we are bold and intentional
NetZero Committed to energy efficiency waste reduction and beneficial reuse
Integrity Taking responsibility for our decisions and doing what is right
Accountability Taking ownership of our actions and driving results

Safety
This position will adhere to Global Star Safety Program including safety rules practices and training as outlined in the PHINIA CTCM Safety Policy Manual which includes the use of equipment protective devices or clothing that the employer requires. This individual will work in a manner that stresses the importance of preventing accidents and illnesses. He/she must take every precaution reasonable in the given circumstance for the protection of themselves and coworkers. In addition he/she is responsible for reporting all injuries and/or possible dangerous situations incidents or occurrences to the immediate supervisor.

Equal Employment Opportunity
PHINIA is an equal employment opportunity employer such that all qualified applicants will receive consideration for employment without regard to race color age religion sex sexual orientation gender identity/expression national origin disability or protected veteran status.
No Unauthorized Referrals from Recruiters & Vendors
Please note that PHINIA does not seek or accept unsolicited resumes or offers from thirdparty recruiters or staffing agencies associated with any published or unpublished employment opportunities. Any unsolicited information sent to PHINIA will be considered as unencumbered and free from any fee or charge whatsoever. Only members of our Human Resources Team have the authority to engage or authorize recruiting services which must be agreed upon before the unsolicited resume or offer is received.

Global Terms of Use and Privacy Statement

Carefully read the PHINIA Privacy Policy before using this website. Your ability to access and use this website and apply for a job at PHINIA are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here select the geographical area where you are applying for employment and review.

Before submitting your application you will be asked to confirm your agreement with the terms.

Career Scam Disclaimer: PHINIA makes no representations or guarantees regarding employment opportunities listed on any thirdparty website. To protect against career scams job applicants should take the necessary precautions when interviewing for and accepting employment positions allegedly offered by PHINIA. Applicants should never provide their national ID numbers birth dates credit card numbers bank account information or other private information when communicating with prospective employers or responding to employment opportunities online. Job applicants are invited to contact PHINIA through PHINIAs website to verify the authenticity of any employment opportunities.