Position

IT Security Compliance Manager (Tarrytown, NY)

Department:

IT

Prestige Consumer Healthcare Inc. (PCH) markets and sells well recognized brand name consumer healthcare products:  Company sales are at $1.2B worldwide. PCH has grown through organic growth in many of our number #1 product lines as well as through acquisitions. PCH is running the company on SAP systems specifically S/4 Hana, IBP SNOP, DP and Vistex for Trade Promotion and Deductions Management. S/4 Hana has approximately 300+ users worldwide and all users are on one on premise instance of SAP in our Tarrytown Corporate office.  SAP is a very flexible, fully integrated and complex ERP system that will allow PCH to continue to sustain growth for many years. #hybridwork

PCH IT will need to address the following areas:

  • Risk Mitigation: Mitigate risk by maintaining information security documentation and assisting in the development of security policies and procedures. We will also require additional investment in its governing, tools and processes.
    • Growth of Information Security Policy – support Prestige to elevate operational processes and formalize across the organization
    • Optimization:  Continually look for improvements/new opportunities to improve efficiencies & benefits in the business
    • Training:  Manage the Cyber Security training programs and fake Phish attacks performed at Prestige
    • Inter-module Dependencies:  Security Compliance Officer will work with Network teams and IT management to enhance security controls and documentation



Primary Responsibilities for Security Compliance Manager

  • Work with internal and external auditors to manage the Sarbanes Oxley Compliance and Segregation of Duties
  • Keep all global IT SOP’s current and reviewed on an annual basis
  • Create and update all IT policies and procedures related to NIST CSF compliance
  • Manage the Cyber security training program and fake phishing attacks to company employees currently in Proofpoint
  • Train staff on new security policies and procedures
  • Manage vendor security compliance audits and support recommendations
  • Responsible for leading efforts that include collecting and organizing written responses and documentation, leading calls and meetings to gather information from vendors, and ensuring that all follow-up communications and remediation items are completed on time. You will be responsible for scheduling and coordinating vulnerability assessments, penetration tests
  • Organizing and conducting meetings of the firm’s cloud security review team, coordinating the assessment of vendors, and leveraging team members’ expertise in the vendor review process
  • Creating and presenting regular reports to IT senior technology management
  • Make recommendations and advise on organization-wide processes
  • Maintain Global IT SOP’s and procedures

Knowledge and Skills Requirements:

  • A Bachelor’s degree, a Diploma of higher education
  • Demonstrate excellent communication and interpersonal skills
  • Background in working with auditors for Sarbanes Oxley compliance
  • Familiarity with NIST CSF compliance
  • Knowledge of Cloud compliance and dealing with 3rd party vendors for those Cloud compliance security requirements
  • Self starter in developing original documents, SOPS’s, Global Policies and procedures

 

Qualifications:

  • A minimum of 2-3 years of experience focused on information security is required
  • A minimum of two (2) years of experience applying project management concepts is required
  • Background in developing Global SOP’s.
  • Background in Cyber Security training and controls.
  • Familiarity with NIST CSF compliance
  • Excellent  written and verbal communication skills
  • Must have business process knowledge
  • Must be a team player and must contribute at the team level

Education and Training Requirements:

  • Requiring at least 5+ years with documentation around IT policies and procedures
  • Must have Enterprise level experience with solutions and driving continuous improvement throughout the organization
  • Must have professional experience

Working Conditions:

  • Must be able to work from the Prestige Consumer Healthcare office in Tarrytown, NY in a hybrid scenario, 3 days a week in Tarrytown(Tuesday – Thursday)  Monday and Friday are work from home days
  • Must be able to remotely support the organization with their critical issues should the need arise.
  • Must be able to act in a professional manner at all times
  • Must have the personality to work with all levels of management at any time
  • Must be able to work in a Validated environment and stay within the confines of change control
  • Must be able to follow Company Policies and Procedures

Prestige is an Equal Opportunity Employer

Search Firm Representatives - Please read carefully:

PRESTIGE CONSUMER HEALTHCARE does not accept unsolicited assistance from search firms. Please, no phone calls or emails. All resumes sent by search firms to any employee at Prestige Consumer Healthcare via-email, the Internet or in any form and/or method without a valid written search agreement in place for this position will be deemed the sole property of Prestige Consumer Healthcare. No fee will be paid in the event the candidate is hired by Prestige Consumer Healthcare as a result of the referral or through other means. Thank you for your cooperation.

Apply For This Position

Files must be less than 5 MB.
Allowed file types: pdf doc docx.

Beware of Cyber Job Scammers

The jobs you see posted here on this website are the ONLY positions for which Prestige is currently recruiting candidates. Click here for more information.

BEWARE OF CYBER JOB SCAMMERS

The jobs you see posted here on this website are the ONLY positions for which Prestige is currently recruiting candidates. Prestige also does not post "Work from Home" jobs. If you are contacted for a job by anyone using a Gmail, Yahoo or similar email account and claiming to be a representative of Prestige, you are likely dealing with a scammer. If you believe you have been a victim of a scam, report the activity to the Internet Crime Complaint Center at www.ic3.gov or your local FBI field office, which can be found online at www.fbi.gov/contact-us/field-offices.