About the position
Cox Automotive is seeking a Cybersecurity Sr Lead Engineer to assist business line leadership with identifying, assessing, controlling, mitigating, and communicating risks associated with business processes and decisions. The role involves evaluating root causes, corrective action plans, and collaborating with technology teams to implement and document remediation. The engineer will support the development of Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs), maintain awareness of the risk and control environment, and provide oversight and governance to the assigned business unit regarding its control environment. The position requires executing and monitoring risk governance mechanisms, including Compliance Risk and Control Self-Assessment (C-RCSA) and Risk and Control Self-Assessment (RCSA).
Responsibilities
- Assist business line leadership with identifying, assessing, controlling, mitigating, and communicating risks associated with business processes and decisions.
- Evaluate the root cause, the corrective action plans, and work with business partners Technology teams to successfully implement and document remediation.
- Support the business in the development of Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).
- Keep the Business aware of the risk and control environment through continuous communication and meetings with Senior Management.
- Provide oversight and governance to the assigned business unit regarding its control environment including change activities.
- Execute, facilitate and monitor risk governance mechanisms, including Compliance Risk and Control Self-Assessment (C-RCSA) and Risk and Control Self-Assessment (RCSA).
Requirements
- Bachelor's degree in information technology, cybersecurity, or a related field.
- Minimum of 8 years of experience in cybersecurity and risk management roles.
- Strong understanding of IT security frameworks and regulatory requirements.
- Proven experience in presenting risk management findings to executive committees.
- Excellent problem-solving, analytical, and critical thinking skills.
- Demonstrated ability to engage, influence, and collaborate with senior executives.
- Deep understanding of cyber and Enterprise Risk Management principles and frameworks.
- Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Risk and Information Systems Control (CRISC) are preferred.
Benefits
- Flexible vacation policy allowing employees to take as much vacation with pay as they deem consistent with their duties.
- Seven paid holidays throughout the calendar year.
- Up to 160 hours of paid wellness annually for personal or family wellness.
- Additional paid time off for bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.
- Health care insurance (medical, dental, vision).
- Retirement planning (401(k)).
- Paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO).
