Lubrizol Lead - IT Risk Management & Data Protection in Wickliffe, Ohio

Lead - IT Risk Management & Data Protection

45545

The Lubrizol Corporation, a Berkshire Hathaway company , is a market-driven global company serving customers in more than 100 countries. We own and operate manufacturing facilities in 17 countries, as well as sales and technical offices around the world. Through our global sales and manufacturing networks, we are able to deliver the products and services our customers need, where and when they need them.

At Lubrizol, our mission is straightforward: We improve lives as an essential partner in our customers’ success, delivering efficiency, reliability or wellness to their end users. Read the cover story at https://www.lubrizol.com/-/media/Lubrizol/Our-Company/Documents/Eric-Schnur-Smart-Business-Article.pdf in Smart Business Magazine to learn how Lubrizol plans to advance its growth.

IT Risk Management and Data Protection Lead

Summary of Responsibilities

This role will be accountable for owning and delivering an IT Risk Management Program that balances risk with the evolving business needs of the organization to drive business productivity. The individual will partner closely with IT and business stakeholders to ensure IT risks are identified and proper controls are in place including capabilities to protect sensitive information.

Duties/Responsibilities

  • Responsible for the strategy and management of the IT Risk Management program

  • Provide leadership and subject matter expertise on IT risks including 3rd party risk management

  • Develop risk management policies, standards and guidance based on asset criticality and business risk

  • Facilitate technology and operational risk assessments including 3rd party

  • Identify, assess and manage potential IT risks and drive accountability for risk reduction efforts

  • Ensure proper controls are embedded within IT services, processes and systems

  • Provide executive reports and scorecards and present recommendations for improvement

  • Act as point of contact to Internal Audit and external regulators on IT risk management areas

  • Provide leadership and drive strategy for information protection services as part of IT risk management

  • Identify trends and design solutions that ensure the security of sensitive data

  • Drive implementation of data classification and protection program

  • Establish and maintain strong relationships with IT and business leaders and stakeholders focusing on IT risk management, data protection and data loss prevention

  • Perform other job-related duties as assigned Skills/Requirements

  • Bachelor’s degree in IT or related field

  • 10+ years in IT risk management, compliance and audit including 2+ years at a manager level

  • 3+ years with responsibility and support for 3rd party risk management

  • 3+ years with responsibility and support for data protection and data loss prevention

  • Deep understanding and use of IT security and control frameworks; NIST, SANS, ISO 27000

  • Experience implementing and advancing risk management programs

  • Experience using IT risk registers and GRC tools

  • Experience implementing and advancing data classification and data protection efforts

  • Understanding of cloud technologies and services as it relates to 3rd party risk and data protection

  • Strong ability to negotiate, influence and align people around complex concepts and topics

  • Strong written and verbal communications skills

  • Ability to communicate across technical and non-technical audiences in user-friendly manner

  • Strong IT process discipline, strategic and critical thinking skills

  • Ability to plan, manage and maintain a complex, organization-wide program

  • Strong project management skills including complete project lifecycle Considered a Plus

  • Familiarity with SAI Global DM360

  • Familiarity with Microsoft Information Rights Management (IRM) and Azure Information Protection (AIP)

  • Familiarity with McAfee Skyhigh Security Cloud

  • Familiarity with Digital Guardian

  • Familiarity with request ticketing systems

  • Professional IT or Risk qualification. CISA, CRISC, GISP and/or CISSP

While headquartered in the United States, Lubrizol is truly a global specialty chemical company. We have a major presence in five global regions and do business in more than 100 countries. Our corporate culture ensures that Lubrizol is one company throughout the world, but you will find each region is a unique place to work, live and play.

Lubrizol is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to sex, race, color, national origin, citizenship, age, religion, marital status, military service, sexual orientation, genetic information, gender identity, or any other characteristic or trait protected by federal, state, or local law.

Nearest Major Market: Cleveland

Nearest Secondary Market: Akron

Job Segment: Database, Risk Management, Manager, Information Systems, Data Management, Finance, Technology, Management, Data