Job Seekers can review the Job Applicant Privacy Policy by clicking here.
Job Description:
Summary
The Senior Manager, Information Security Governance, Risk, and Compliance (GRC) is an advanced role requiring leadership, team management skills, and technical expertise. The Senior Manager, Information Security GRC leads a team of individuals focused on executing Ryder's global IT Risk Management, Governance, Compliance, and Privacy programs, ensuring global compliance with organizational policies, industry standards, and the protection of critical systems and information. The ideal candidate is technical and possesses at least ten years of experience leading, executing, and building corporate-wide Information Security compliance programs. The Senior Manager, GRC, is a subject matter expert for colleagues and a partner to the business on risk mitigation.
Essential Functions
- Lead a team of risk, compliance, and privacy experts who partner with global technology teams and business leaders in the execution of Ryder’s Information Security Management System.
- Lead the development and ongoing management of common control and risk management frameworks for measuring the organizational security posture based on industry, regulatory, and customer needs.
- Serve as a trusted partner to educate and collaborate on information security and risk management best practices with stakeholders in Corporate Compliance, Enterprise Risk Management, Internal Audit, Physical Security and Safety, Legal, and IT.
- Lead the development and ongoing management of global information security policies and corporate standards throughout the organization that align with industry guidance and result in effective methods to reduce security risks.
- Lead the development and management of a global third-party risk management program to evaluate new and existing vendors on a regular basis based on their criticality to the business.
- Lead the development and management of a global information security customer compliance program which facilitates the processes for handling customer requests for information security attestations, audits, on-site reviews, and remediation of security findings.
- Lead the development and management of a modern, engaging, global information security training and awareness program to provide ongoing information security education to all levels of the organization.
- Lead the development and management of an IT enterprise risk register to properly catalog, manage, communicate, and assess global IT risks.
Additional Responsibilities
- Provide information security due diligence assistance to global business partners as part of Ryder’s mergers and acquisitions program.
- Perform other duties as assigned.
Skills and Abilities
- Strong verbal and written communication skills; a keen ability to explain complex technical and security concepts to non-technical business stakeholders and management
- Excellent time management, organization, and analytical skills
- Demonstrated ability to drive multiple projects to successful completion
- Demonstrated ability to educate, coach, and mentor individuals at all organizational levels on information security
- Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors)
- Familiarity with the NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations (advanced, required)
- Experience in risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy (advanced, required)
Qualifications
- Bachelor's degree (required): Information Security, Computer Science, related field, or equivalent work experience
- Master's degree (preferred): Information Security, Computer Science, or related field
- Eight (8) years or more of experience in the Information/Cyber Security field (required)
- Eight (8) years or more of experience as a lead information systems compliance auditor (required)
- Eight (8) years or more of experience in implementing and supporting systems utilizing industry standard frameworks and/or best practices (e.g. NIST, ISO 27001 and 27002, Cloud Security Alliance, etc.) (required)
- Eight (8) years or more in a similar management position or leading/supervising technical teams (required)
- Other Information Risk, Privacy, or Security Certification (CISSP, CCSK, CCSP, PCSM)
- Other Information Security or industry technology certifications
Travel
1-10%
DOT Regulated
None
Job Category
Information Security
Our Culture & Commitment:
At Ryder, you’re trusted to make an impact—while enjoying room to grow and having a voice that’s heard. Our culture is built on respect, collaboration, and shared pride in doing great work rooted in innovation and safety.
Your Voice. Your Success. The Future We Build Together.
Compensation Information:
The compensation offered to a candidate may be influenced by a variety of factors, including the candidate’s relevant experience; education, including relevant degrees or certifications; work location; market data/ranges; internal equity; internal salary ranges; etc. The position may also be eligible to receive an annual bonus, commission, and/or long-term incentive plan based on the level and/or type. Compensation ranges for the position are below:
Pay Type:
Salaried
Minimum Pay Range:
$100,000.00
Maximum Pay Range:
$130,000.00
Benefits Information:
For all Full-time positions only: Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax-advantaged 401(k) retirement savings plan.
Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace.
All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability.
Important Note:
Some positions require additional screening that may include employment and education verification; motor vehicle records check and a road test; and/or badging or background requirements of the customer to which you are assigned.
Security Notice for Applicants:
Ryder will only communicate with an applicant directly from a [@ryder.com] email address and will never conduct an interview online through a chat type forum, messaging app (such as WhatsApp or Telegram), or via an online questionnaire. During an interview, Ryder will never ask for any form of payment or banking details and will never solicit personal information outside of the formal submitted application through www.ryder.com/careers.
Should you have any questions regarding the application process or to verify the legitimacy of an interview or Ryder representative, please contact Ryder at careers@ryder.com or 800-793-3754.
Current Employees:
If you are a current employee at Ryder, please click here to log in to Workday to apply using the internal application process.