Information Security Governance Analyst

About Packsize

Packsize is redefining the way businesses and their customers use and experience

packaging around the world. We build the technology, design the right solutions, and automate the processes that propel the industry forward. To us, packaging is much more than a boxits delivering whats right for our customers, their customers, our people, and the planet.

About the Role

We are seeking an Information Security Governance Analyst to be responsible for implementing and monitoring targeted security policies, practices, and tools and will support the implementation of an Information Security program throughout Packsize. This individual will act as a representative to Packsize partners and customers, offering direction and assisting in the communication and implementation of security controls within Packsize solutions across the entire enterprise.

What you will do

• Lead the development of the Information Security compliance program, utilizing GRC tools to establish, uphold, and communicate information security policies and standards which align with industry regulations and compliance mandates.

• Establish and maintain processes for managing security-related audits, compliance checks, control assessments, and external assessments across Packsize, IT and Information Security. Ensure timely and complete responses to evidence requests and compile management responses and remediation plans as needed.

• Partner with customers and Packsize project teams to answer customer security related questions.

• Escalate security risks to both the security management and business unit leads and work together to define remediation plans for the identified security issues.

• Articulate security risk through the development of executive level control effectiveness reports and dashboards.

• Act as a key stakeholder in IT forums and committees by being an active voice for cybersecurity best practices and policies.

• Lead implementation of a comprehensive third party risk management program. Facilitate risk assessments and reviews of third parties, vendors, and business partners to safeguard against undue risk presented by external entities.

• Support the Packsize cyber training and awareness program, Cyber Tabletop exercises, Red Team Exercises, ensure all findings are addressed timely via the risk issue management process

• Participate and support incident response efforts. Facilitate post-incident debrief. Capture and assign ownership of any risk mitigation activities that were identified during root cause analysis.

What you will Bring

The ideal candidate will possess a strong background in various security domains, extensive experience with security standards, and a track record of implementing robust security measures. This position offers the opportunity to work with cutting-edge technologies and collaborate with cross-functional teams to fortify our cybersecurity posture.

• 5+ years of experience in cybersecurity in one or more roles: security analyst, compliance and regulations, risk management, or technology audit.

• Demonstrated experience and thorough understanding of various regulatory requirements and laws such as GDPR, SOX as well as risk, control, and assurance frameworks, such as SOC2, ISO, NIST, etc.

• Exceptional written and verbal communication skills, and proven ability to translate security risks to all levels of the business.

• Working knowledge of common technical controls across security domains (e.g., logical access, configuration management, security operations, etc.) and technologies (e.g., applications, on prem and cloud infrastructure, networks, endpoints).

• Experience conducting security risk assessments and audits and identifying the risk to the business and defining treatment strategies.

• The ability to interact with Packsize personnel, customers and partners and be able to build strong relationships at all levels and across all business units and organizations, and understand business imperatives.

• Organized, responsive and highly thorough problem solver and able to work with minimal supervision.

• Relevant certifications such as CISSP, CRISC, CISA, or CTPRA are highly desirable.

Working Environment and Physical Demands

• Able to commute to Packsize Headquarters and may work remotely in a hybrid setting

• Ability to work in an office environment; sitting for extended periods and move about an office

• Ability to travel up to 15%. Able to travel internationally

What We Offer

Packsize considers several factors when determining compensation when extending a job offer, including but not limited to, the role being offered, the associated responsibilities, the candidate's prior work experience, education/training, and any special skills.

If this role excites you but you dont meet each requirement listed, we encourage you to apply anyway. At Packsize, we welcome applicants of all backgrounds and experiences and understand that the best candidates may come from the most unlikely of places.

Packsize is an Equal Opportunity employer and is committed to diversity in its workforce. In compliance with applicable federal and state laws, Packsize policy of equal employment opportunity prohibits discrimination on the basis of race or ethnicity, religion, color, national origin, sex, age, sexual orientation, gender identity/expression, veterans status, status as a qualified person with a disability, or genetic information. Individuals from historically underrepresented groups, such as minorities, women, qualified persons with disabilities and protected veterans are strongly encouraged to apply. Reasonable accommodations in the application process will be provided to qualified individuals with disabilities.