Manager, Information Security and Governance

THIS IS A CORPORATE POSITION

Job Summary

The Manager Information Security Governance is responsible for supporting the management and execution of  Papa Johns information security program as it relates to identifying, evaluating, mitigating, and reporting on information security risks in a manner that meets compliance and internal requirements, and supports the risk posture of the enterprise.

Duties and Responsibilities (other duties as assigned)

• Lead the development and maturation of the information security management program.
• Evolve risk and compliance assessments to develop maturation in relation to NIST CSF security framework.
• Ensure PCI compliance through continuous monitoring of controls and making recommendation for enhancements, as needed
• Own the PCI audit lifecycle and provide annual audit evidence to QSA.
• Assess and enhance risk assessments and reporting, audit, compliance, policy, and security awareness activities to ensure compliance.
• Assist with the creation, maintenance, and evolution of metrics for various internal, Board, Committee, and other meetings and discussions.
• Develop and implement a data classification program as part of the overall data Governance program
• Own and deliver Security Policies, Standards, and ensure integration into Papa John’s broader Governance Program. Coordinate with the Engineering and Infrastructure teams to provide updates to security standards and templates as required to meet new regulatory/audit/etc. requirements.
• Manage the daily operations for third party risk management ongoing reviews and onboarding
• Perform ad-hoc analysis and reports as needed to support department’s needs.
• Proactively stay informed of the latest legal and regulatory changes that impact the organization and assess for compliance with the continuously evolving requirements.
• Work effectively with teammates and earn credibility from stakeholders by establishing and maintaining strong working relationships with Business Partners, as needed.
• Foster relationships with middle to senior management, across a range of functions including Internal Audit, Legal and Technology.

It is the policy of Papa John’s to provide equal employment opportunities for all applicants and team members without regard to race, color, religion, sex, age, marital status or civil partnership, national or ethnic origin, pregnancy or maternity, veteran status, uniformed service (as defined by 10 U.S.C. §101 (a)(5)), protected disability status, genetic information, sexual orientation, gender identity, gender reassignment, or gender expression, or any other characteristic protected by statute or law.