Pay Transparency Statement:

The compensation philosophy reflects the Company's reasonable expectation at the time of posting. We consider a number of factors when making individual compensation decisions including, but not limited to, skill sets, experience and training, and other business needs. This role may also be eligible to participate in a discretionary incentive program, subject to the rule governing the program.

Position Summary:

The Senior Manager - Security Governance Risk & Compliance (GRC Policy, Design & Remediation) will develop and maintain security governance standards and protocols in partnership with other members of the CISO organization, Reyes Holdings IT, and Reyes Family of Business Units in accordance with accepted frameworks incorporating industry practices and applicable compliance requirements. This role will also need to be able to be a part of the creation of reference architecture that aligns with approved security standards and protocols. Additionally, this role will oversee the management of a remediation program collaborating with Security GRC compliance group for the prioritization of issues across the CISO organization.

Position Responsibilities may include, but not limited to:

• Develops the security standards and protocols for enterprise security by taking a risk-based approach with the Security GRC Compliance team for the program design
• Collaborates to develop reference architecture that aligns with approved Security protocols and standards for organizational strategy
• Focus on working in partnership with IT business units, external partners, and the business to ensure security protocols and standards are updated periodically to address emerging security threats and comply with relevant regulatory requirements
• Leads one or more committees focused on developing standards content, obtaining feedback and approval, and communicating newly issued or revised standards on the enterprise repository
• Collaborate with cross-functional Enterprise Architecture, Reyes Holdings IT, and Reyes Family of Business Units to integrate security measures into system and application architectures as well as any projects
• Collaborate with Security GRC Compliance to prioritize security vulnerabilities and control deficiencies through regular reporting, assessments, and audits
• Drive and execute remediation strategies to address identified vulnerabilities and control deficiencies in a timely and efficient manner collaborating with the CISO organization, Reyes Holdings IT, and Reyes Family of Business Units. Report on these remediation strategies by developing reporting metrics, dashboards, and evidence artifacts
• Manages overall direction of functional areas, developing plans and goals, evaluating effectiveness of each area
• Determines staffing requirements, tooling and services required for success in annual budget process
• Other projects or duties as assigned