IT – Cyber Security Analyst

Every moment of every day, people all over the world turn to Panasonic to make their lives simpler, more enjoyable, more productive and more secure. Since our founding almost a century ago, we’ve been committed to improving peoples’ lives and making the world a better place–one customer, one business, one innovative leap at a time. Come join our journey!

Panasonic IT - Cyber Security Analyst

Click here to learn moreabout how Panasonic is creating a better life, a better world.
Watch this videoto see how our employees are shaping the technologies that move us.

What You'll Get To Do:

Operate within the Cybersecurity Governance team and support the cybersecurity compliance management strategy. This role will support development, assessment, and maintenance of policies, standards, processes and procedures, to a level compliant with ISO27001/2, PCI DSS, JSOX, NIST 800-xx, CCPA, GDPR, CMMC and other relevant standards.

The role will work collaboratively with various business and IT teams in the design and implementation of cybersecurity assessment and compliance programs; manage the Information Security Management (ISM) program, manage compliance efforts related to industry standards, support/facilitate audit requests, manage and conduct cybersecurity risk assessments, identify risk themes, manage cybersecurity risk register, and promote cybersecurity awareness and training across the appropriate teams.

Program

• Manage and maintain ISMS in support of ISO 27001 program and CMMC requirements.
• Manage tactical execution of cybersecurity compliance program. This includes execution, support, follow up, monitoring and reporting for areas including -
  • ISM reports, Privacy Impact Assessment, Personal Information Registration, ISM Audit
  • Security Education Training and Awareness (SETA) promotion, delivery and reporting
  • Risk Management, Third Party Risk Management, and related GRC activities
• Manage, promote, monitor and report on regional IT Security conformity activities.
• Manage compliance and response to parent (Japan) Operating Companies.
• Develop and maintain Infosec policies, guidelines and standards in support of Panasonic North America and Global requirements.
• Manage and support the data governance program. Interface with task leaders, subcontractors and support personnel, customers and Panasonic management to drive action and ensure data governance aligned to regulatory standards.
• Manage and execute the regional ISM promotional activities, coordinating and following up with regional ISM Managers and reporting to parent companies.
• Conduct training activities annually.
• Conduct ISM audits for Enterprise IT annually.
• Manage ISM incident intake and reporting.
• Manage risk register maintenance.
• Follow up on outstanding remediation with related stakeholders.
• Liaise and support the Internal Audit department, IT departments, external audit firms, and business units in support of regulatory and management audits.
• Keep informed regarding pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational processes.
• Raise concerns to senior management with clearly defined impact statements and recommendations.
• Able to scope out projects and manage day to day processes of a program.

Planning and Collaboration

• Support the departmental management activities for cybersecurity compliance.
• Develops schedules to ensure timely completion of tactical activities for cybersecurity compliance.
• Summarizes and reports cybersecurity compliance risks to the senior management and/or its working group overseeing compliance initiatives.
• Collaborate with other North America regional cybersecurity teams.
• Support response to internal and external consumers, regulatory bodies, and auditors about cybersecurity governance, risk, and compliance affairs and inquiries.

What You'll Bring:

Education and Experience

• BS in Information Systems or Information Security
• 5 plus years in IT/Information security risk assessment, IT controls security assessor, or cybersec governance and compliance roles
• ISO 27001 Lead Implementor or Auditor certification
• CRISC or other related risk certification
• Demonstrated hands-on experience with Service Now GRC or Service Now TPRM
• Strong understanding of NIST security family, ISO 27001/2, and other relevant security standards

Preferred (all of the above, plus)

• Demonstrated hands-on experience with KnowBe4
• CMMC certified professional

Problem Solving

• Analytical skills and ability to formulate and articulate roadmaps and recommendations.
• Ability to multi-task and prioritize individual and team work in fast changing environment.
• Ability to interact with personnel at all levels of an organization to resolve issues and provide solutions in a timely manner.
• Ability to maintain a detail-oriented approach while multitasking in a fast-paced environment.
• Strong technical, analytical and problem-solving skills.

Communications

• Experience in successfully working remotely
• Excellent written and oral communication skills.
• Experience working with customers in sensitive environments
• Ability to interface with all levels within an organization and provide input to facilitate cybersecurity compliance decisions.

Other Requirements

• Highly organized, self-motivated and accountable
• Remote position, but preference is for individual to be in Chicagoland area

#LI-AS1