Sr. Manager Cyber Security

Date: Apr 27, 2022

Location: São Paulo, São Paulo, BR, 04183-901

Company: Whirlpool Corporation

Whirlpool Corporation (NYSE: WHR) is committed to being the best global kitchen and laundry company, in constant pursuit of improving life at home. In an increasingly digital world, the company is driving purposeful innovation to meet the evolving needs of consumers through its iconic brand portfolio, including Whirlpool, KitchenAid, Maytag, Consul, Brastemp, Amana Bauknecht, JennAir, Indesit and Yummly. In 2020, the company reported approximately $19 billion in annual sales, 78,000 employees and 57 manufacturing and technology research centers.

 

Whirlpool Corporation is consistently recognized by FORTUNE as one of the World’s Most Admired Companies. Our values are the driving force behind everything we do. Integrity, Respect, Inclusion & Diversity, One Whirlpool, and Spirit of Winning propel our teams to excellence. Get to know us and see what it's like to be part of a company that is in constant pursuit of improving life at home.

The team you will be a part of

The Information Systems team is responsible for implementation of the enterprise architecture and the development and maintenance of the organization's computing/IT environment. Determines and develops architectural approaches and solutions, conducts business reviews, documents current systems and develops recommendations of how to proceed with the applications.

This role in summary

As a BISO you will be a senior security leader assigned to lead the cybersecurity and privacy strategy of a region/business unit. You will provide the bridge from the centralized security function to the business. The BISO is responsible for maintaining a strategic relationship with the specific region/business unit, and serves as the business-focused Cybersecurity champion. The goal of this role is to simultaneously enable and safeguard the business, and ensure security is appropriately incorporated into the culture, business functions, and products and services of the organization. In addition this role will ensure business compliance with the information security policy while continuously monitoring/reporting on risks.

Minimum requirements

  1. Bachelor’s degree required, preferably in computer science or information systems;

  2. 10+ years of information technology, with a background in cybersecurity, risk management and compliance;

  3. Ability to communicate clearly and effectively with both technology/development and business partners;

  4. Ability to translate technical/security issues to business users;

  5. Strong relationship, team building and facilitation skills.;

  6. Ability to independently influence others to achieve objectives;

  7. Proven analytical and problem-solving abilities;

  8. Knowledge of information security management frameworks (example: ISO 27001/NIST CSF);

  9. High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. 

Your responsibilities will include

  1. Work closely with the Global Information Security Officer, Regional Data Protection Officer and business leaders to make sure that cybersecurity and privacy objectives are treated as business requirements;

  2. Act as a subject matter expert (SME) between cybersecurity and the lines of business in the development of appropriate region-specific policies, and standards;

  3. Ensure objectives are met with processes and procedures tailored to best fit the unique requirements of the region/business unit;

  4. Connect cybersecurity and privacy initiatives to compliance, audit and regulatory requirements;

  5. Provide a single point of ownership for the security organization within the assigned region/business unit;

  6. Provide upward visibility into the security posture of the assigned division/business unit;

  7. Act as a liaison between the regional privacy organization and the regional IS function to ensure that proper support and alignment is maintained for privacy related initiatives;

  8. Create and manage plans for measuring security improvements and ensuring appropriate goals are established/tracked;

  9. Develop and maintain in depth understanding of region/business unit processes, systems, technologies, data, customers, consumers and partners;

  10. Continuously monitor regional trends to anticipate and plan for future impact of security risk on a specific region/business unit;

  11. Partner with regional compliance, legal, and IT resources to achieve effective working relationships that can further the effectiveness of the security program;

  12. Lead projects leveraging global teams with highly matrixed resources;

  13. Champion a risk-management culture that considers the application of security controls commensurate to the risk appetite of the organization;

  14. Work with the region/business unit to align funding requirements with regional strategic initiatives.

Preferred skills and experiences

  1. Security certifications to include: CISSP, CISM, CRISC, and CCISO;

  2. MBA or Master's degree in a management, scientific, technical, or engineering field;

  3. Significant work experience working with different regions/business units on risk management and leading information security initiatives.

Additional information

See what it's like to work at Whirlpool by visiting Whirlpool Careers. Additional information about the company can be found on Facebook, Twitter, LinkedIn, Instagram and YouTube.

At Whirlpool Corporation, we value and celebrate diversity. Whirlpool Corporation is committed to equal employment opportunity and prohibits any discrimination on the basis of race or ethnicity, religion, sex, pregnancy, gender expression or identity, sexual orientation, age, physical or mental disability, veteran status, or any other category protected by applicable law.


Job Segment: Engineer, Cyber Security, Social Media, Information Systems, Security, Engineering, Marketing, Technology