Director of Digital Business Cyber Security / Corporate Data Protection

Brambles continues to expand its capabilities in digitizing the pallet pool, and in doing so generates increasingly large amounts of digital data assets. This digitization effort is driven by a central “Digital” function, alongside the Global Cyber team.

The Data and Digital Cyber Leader / Director will report into the global Cyber team (dotted line to Digital leadership) and be responsible for driving overall cyber security compliance across the Digital organization, partnering with the multiple Digital and Technology Service teams to ensure appropriate and effective cyber controls and compliance is achieved across all digitally designed and run platforms, hardware, software, interfaces, and 3rd party capabilities. Effectiveness will start with developing a thorough understanding of our digital business and solutions, extend to driving evaluation and remediation efforts to improve cyber maturity across Digital solutions, and end with ensuring all new solutions and capabilities are secure by design. This leader will take a risk based approach to prioritization and investment, in alignment with the Board approved Cyber Strategy, and ensure choices and investment are clear with respect to cyber needs across the Digital space.

In addition, this leader will partner closely with the Global Privacy Office and Data Management teams to drive overall Data Loss Prevention and Data Protection across Brambles as a whole. This will include evaluating and implementing new people, process, and technology to better manage Data Loss Prevention at scale, and ensuring appropriate protections and controls are in place in tracking, managing, and protecting Brambles data.

• Work closely with the Digital business globally to review, evaluate, interpret, influence, and provide leadership on proposed and enacted cyber protections and capabilities and industry-best practices in their jurisdictions.
• Act as the primary security contact, collaborating with business and IT leaders to balance risk / reward to improve security in IT applications and third-party engagements, developing deep understanding of business processes, systems, technologies, data, stakeholders and third-party partners.
• Partner with Compliance, Legal, IT resources to achieve effective working relationship that can further the effectiveness of the Information Security Program.
• Advocate for required change and continuously manage policy and standards exceptions program. Lead discussions and answer complex cross-functional policy and standards questions, forecasting best practice in policy.
• Support implementation of Governance, Risk, and Compliance (GRC) and third-party security toolset for the Digital organization. Ensure collaboration with GRC stakeholders.
• Contribute to and align risk programs with the NIST CSF based information security program.
• Communicate, oversee and carry out technical implementation of security solutions required to meet business objectives.

• Define and drive the global Data Protection and Data Loss Prevention program to ensure all sensitive Brambles data is appropriately protected, especially when shared outside of the company.
• Engage collaboratively with application development, data protection, information security, and risk management teams to understand and implement data security solutions.
• Support vendor assessments, including proof of concepts & security technologies research.

• At least one Information Security certification such as CISSP, CRISC, CISM, CISA, etc.
• Commercial experience of working in hands-on, functional Information Security roles.
• Hands on data security experience and / or Audit / Risk.
• Security program development or operations experience.
• Demonstrated experience leading data privacy programs for multinational corporations.
• Experience driving large-scale programs, leading and executing cross-business or cross-function initiatives, defining solutions and demonstrating impact or value based on metrics.
• Experience reviewing compliance, mitigating risk and advising senior leadership on privacy laws and regulations, such as GDPR.

Hybrid Remote

• Adaptabilité, Cyber Threat Detection, Cyber Threat Mitigation, Développement de stratégie, Développement de talent, Direction inclusive, Engagement avec les parties concernées, Établissement des priorités, Feedback, Gestion des incidents, Gestion des risques de cyber sécurité, Gouvernance de la sécurité, Innovation, Intelligence émotionnelle, Learn From Mistakes, Littératie numérique, Mentorat, Motiver les équipes, Planification de la réponse aux incidents, Prise de décision fondée sur les données, Travail interfonctionnel

We are an Equal Opportunity Employer, and we are committed to developing a diverse workforce in which everyone is treated fairly, with respect, and has the opportunity to contribute to business success while realizing his or her potential. This means harnessing the unique skills and experience that each individual brings and we do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state, or local protected class.