Requisition ID: 783129
Position: Full-Time
Total Rewards: Benefits/Incentive Information (https://jobs.luxottica.com/content/Benefits-and-Perks/?locale=en_US)
Luxottica is a global leader in the design, manufacture and distribution of fashion, luxury and sports eyewear. Our wholesale network covers more than 150 countries and our retail presence consists of over 9,100 retail stores across the globe.
In North America, our wholesale business is the home to global brands like Ray-Ban, Oakley, and many of the top fashion house brands. Our leading retail brands include LensCrafters, Sunglass Hut, Pearle Vision, and Target Optical. We are also home to EyeMed, the fastest growing vision care company in the United States.
Supporting over 4,500 retail stores in North America, a career in our retail headquarters allows us to stay in touch with the end customer and use their ever-changing behaviors and preferences to shape our offerings of the best eyewear and services.
GENERAL FUNCTION
EssilorLuxottica is seeking a manager to build and lead a security risk management, controls and compliance program. You will be responsible for designing, developing, implementing, and monitoring the information security risk management program. This person will consult and interface with industry leaders across the company to design scalable security and IT compliance processes to support company growth while managing risks.
MAJOR DUTIES AND RESPONSIBILITIES
Develop and drive the information security risk assessment framework and program, and collaborate with the enterprise risk assessment management function to gain alignment.
Manage the risk register, prepare risk reports, and facilitate risk remediation in partnership with business and IT stakeholders.
Create and maintain information security policies and standards aligned with HITRUST, HIPAA, ISO 27001, PCI, and NIST CSF, addressing compliance and legal obligations.
Support the company's corporate compliance initiatives including HITRUST, ISO 27001, SOC 1, SOC 2, and PCI.
Engage and manage external auditors supporting IT security and compliance assessments.
Support leadership to develop and expand continuous monitoring processes to assess compliance with information security policies and standards including data mapping, data inventory and data discovery.
Conduct internal assessments to evaluate the disposition of data and operational effectiveness of policies, standards, and internal control framework to manage data.
Implement compliance assessment methods and approaches to increase compliance with documented policies and standards. Track progress against defined treatment plans to verify completion of remedial activities as needed.
Provide business units with recommendations to improve compliance with information security policies and standards and external requirements.
BASIC QUALIFICATIONS
You have at least 5 years of experience in security or compliance
You have a deep understanding of developing and conducting information security risk assessment frameworks and assessments
You have experience in building security and compliance programs with a variety of frameworks (e.g. HITRUST, SOC 2, ISO 27001, HIPAA, NIST, PCI etc.)
You understand data mapping/discovery, DLP and data inventory tools
You have strong project management skills and a strong ability to work with minimum direction and possess a high drive for results.
You are organized and an excellent written and verbal communicator
You are able to handle a number of simultaneous projects and tasks while demonstrating urgency and ownership to drive issues to completion.
PREFERRED QUALIFICATIONS
2 years' experience in a management role
Certified Information Systems Security Professional (CISSP), PCI DSS, Certified HIPAA Privacy Security Expert (CHPSE), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), or related.
Experience or knowledge with healthcare or health insurance
Knowledge of CMS and HIPAA related vendor requirements
Upon request and consistent with applicable laws, Luxottica will provide reasonable accommodations to individuals with disabilities who need assistance in the application and hiring process. To request a reasonable accommodation, please call the Luxottica Ethics Compliance Hotline at 1-888-887-3348 (be sure to provide your name and contact information so that we may follow up in a timely manner).
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, gender, national origin, social origin, social condition, being perceived as a victim of domestic violence, sexual aggression or stalking, religion, age, disability, sexual orientation, gender identity or expression, citizenship, ancestry, veteran or military status, marital status, pregnancy (including unlawful discrimination on the basis of a legally protected pregnancy or maternity leave), genetic information or any other characteristics protected by law. Native Americans receive preference in accordance with Tribal Law.