Job Description

Jobright is an AI-powered career platform that helps job seekers discover the top opportunities in the US. We are NOT a staffing agency. Jobright does not hire directly for these positions. We connect you with verified openings from employers you can trust.

Job Summary:

Ford Motor Company is a global leader in mobility and technology, seeking an Information Security Policy (ISP) Analyst to enhance their information security framework. The role involves creating and modernizing security policies, conducting risk assessments, and promoting policy awareness among stakeholders.

Responsibilities:

• Facilitate the creation and modernization of information security policies, standards, procedures and guidelines

• Work with cross-functional and cross regional Authors and Subject Matter Experts (SMEs) with varying levels of business/technical skills

• Lead the Policy, Control and Risk (PCR) governance process to support risk/control changes, regulatory requirements, emerging technologies, and enterprise objectives

• Execute reviews to ensure proper efficacy, conciseness, and alignment

• Facilitate risk assessments by performing quantitative and qualitative analysis of risk data on Application and Infrastructure Risk/Control Framework

• Provide consultation and direction to IT and business teams pertaining to the ISP

• Promote ISP awareness with audience specific training and communications

• Partner with Authors and SMEs on communication efforts to inform Key Information Security Stakeholders of new and updated policy documents

• Research industry best practices and consult advisory groups

• Identify and implement policy process improvements, integration and automation opportunities

• Incorporate future policy enhancements and innovations into the Governance, Risk and Compliance (GRC) strategy

• Identify policy portal defects and tool enhancements

• Produce monthly policy operations and project metrics

• Support the policy exception request (PER) process, reporting and governance

Qualifications:

Required:

• Bachelor's degree in a Technical Discipline

• 1-3 years of experience working with ISO 27001/2 standards, Information Security policies, or IT risks and controls

• Excellent verbal and written communication

• Strong organizational skills; able to advance multiple work streams concurrently

Preferred:

• Process improvement mindset

• Experience performing IT risk assessments

• Knowledge of application development and IT security and controls

• Prior experience working with GRC and Policy Management tools

• Understanding of Compliance and Regulatory requirements e.g. (S-Ox, HIPAA, GLBA etc.)

Company:

We don't just make history -- we make the future. Founded in 1903, the company is headquartered in Dearborn, Michigan, USA, with a team of 10001+ employees. The company is currently Public Company.

Job Tags

Similar Jobs