COMPANY PROFILE:

WHO WE ARE LOOKING FOR:

CNH Industrial is building the next generation of connected vehicles and equipment, which will create new experiences and make our products smarter. To defend and secure our broad technical environment we are seeking an experienced and passionate Global Manager of Cyber Security Risk. The candidate will be a seasoned security professional with a wide and deep skill set and related experiences.
This is an opportunity to establish and oversee our global security risk assessment and treatment program across multiple business units and functions.

We are seeking a bias-towards-action, results-oriented, motivated and strategic leader who is focused on building processes and technologies that optimize the security posture for our organization. An individual who is a self-starter and can proactively manage complex issues and findings.

YOUR KEY RESPONSIBILITIES:

• Own and drive strategic vision of the Cyber Security risk assessment and treatment... program, this includes 3rd party vendor risk

• Identify, develop, recommend, and implement appropriate strategies, policies, procedures, and systems to improve risk profile

• Analyze, review and quantify issues raised through self-assessments, audits and business

• Collaborate with internal and external partners educating them on risk management processes and procedures with subject matter expertise

• Develop a strategic testing and review schedule of key areas of the business and suppliers

• Develop key relationships with business and technology leaders educating them on risk posture and ways to remediate or reduce risk

• Create scalable process and procedures with templates and appropriate metrics

• Provide expert guidance to and coordinates the efforts of relevant IT, Business and other department leaders in developing, documenting and maintaining procedures

• Effectively collaborate with IT and Business Units in implementing sound risk treatment related solutions

• Assess third party software and vendor risk as part of procurement and purchasing process

• Facilitate the production of documentation, process training and arranging training for key stake holders and risk owners

• Perform annual risk assessment efforts in conjunction with enterprise risk teams

• Oversee the creation and management of risk assessment/treatment plans, documented preparedness status and reports to leadership on progress.

• Track and report on remediation of open risk and issues as identified

• Support and enhance risk awareness training documentation

• Support the creation of white papers and customer facing artifacts as applicable

YOUR KEY COMPETENCES AND QUALIFICATIONS:

• Minimum 8 years' experience in risk assessment, treatment or compliance related fields

• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists

• Experience with IT Risk GRC type software and tooling

• Project management experience a plus

• Ability to understand and interpret vulnerabilities and communicate business impact and remediation actions to management

• Good level of English
Turin Metropolitan City of Turin Italy

Salary Criteria