Policy and Standards, and Exceptions Program Manager
This position reports to the Policy and Standards Lead Manager in the Climate Security Office.
- You will be responsible for drafting and submitting security policy and standards, working with the business to help them understand each and negotiating legitimate needs for exceptions.
- You will manage the Exceptions process lifecycle, and aid in the quantification and reporting of risk based on exceptions granted.
- You will work with Departments to track the development of appropriate controls, baselines, guidelines, and Standard Operating Procedures (SOPs) to implement approved policies and standards.
- You will produce reports on the status of adoption of Policy and Standards and exceptions against them for use within the Climate Security Office, by the Chief Information Security Officer, by the Climate Leadership Team, and by Bayer’s Cybersecurity Risk Management function..
What You Will Do:
Our parent companies have robust information security policies and standards which have been developed for their unique cultures, their manufacturing processes in crop sciences, pharmaceuticals, medical, consumer health, and chemical production.
At Climate, we are a digital products and services company, but our need for information security is no less. You will work under the direction of the Policy and Standards Lead Manager, and shall be responsible for tasks such as taking our parent companies’ policies and standards, and prepare drafts of like versions that are applicable for The Climate Corporation.
You will maintain mappings back to the original policies and standards for use in reviews and audits. You will work with stakeholders in Departments across The Climate Corporation looking for areas of conflict between the policies and standards and the business.
You shall prepare Exception Requests for consideration, and shall manage the Exception lifecycle process for each Exception that is approved, working with the Exceptions Committees of our parent companies.
You shall work with the various Departments at Climate such as Engineering, Operations. IT, Marketing, Finance, etc. to communicate the reviewed and approved policy and standards which will be used at Climate, to document the controls they create to implement them, and the related baselines, guidelines, and Standard Operating Procedures (SOPs). You shall work with the Education and Awareness team to develop training for Climate Staff in the policy and standards, appropriate for their job roles.
You shall manage ongoing changes to policy and standards in response to business needs, preparing business cases and supporting documentation. As the need arises within the business for exceptions to policies and standards you shall prepare each for submission to and review by the Exceptions Committees. You shall track and manage exceptions.
During internal and external audits you will be the liaison between the Policy and Standards and Audit and Compliance functions in the Climate Security Office, the Exceptions Committees, and the audit teams, to gather and prepare necessary policy and standard-based documentation for review during audits.
- Bachelor degree in Computer Science, Mathematics, or Science, Computer or Electrical Engineering, or equivalent experience.
- Hands-on experience with the implementation and/or management of policy and standards or exceptions processes.
- Knowledge and expertise of operating within Information Security Management Systems.
- Experience presenting policy and standards requirements to the business in a manner they can understand and work with.
- Experience with ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27017, NIST Risk Management Framework and SP800 series publications, COBIT, etc.
- Experience with writing and managing updates to policies, standards, baselines, guidelines, and Standard Operating Procedures.
- Results-oriented with the demonstrated ability to effectively prioritize and successfully manage multiple projects at once.
- The ability to write clear and understandable reports and presentations.
What We Offer:
Our teams are composed of industry experts, top scientists, and talented engineers. The environment is extremely engaging and fast-paced, with dozens of specialties coming together to provide the best possible products and experiences for our customers.
We provide competitive salaries and some of the best perks in the industry, including:
- Superb medical, dental, vision, life, disability benefits, and a 401k matching program
- A stocked kitchen with a large assortment of snacks & drinks to get you through the day
- Encouragement to get out of the office and into the field with agents and farmers to see first-hand how our products are being used
- We take part and offer various workshops, conferences, meet-up groups, tech-talks, and hackathons to encourage participation and growth in both community involvement and career development
We also hinge our cultural DNA on these five values:
- Inspire one another
- Innovate in all we do
- Leave a mark on the world
- Find the possible in the impossible
- Be direct and transparent
Learn more about our team and our mission:
The Climate Corporation - The Technology Behind Making A Difference
As part of our dedication to the diversity of our workforce, The Climate Corporation is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. If you need assistance or an accommodation due to a disability, you may contact us at firstname.lastname@example.org#LI-AM1