What you will love about Johnson Controls:
We've been dedicated to protecting the environment since our invention of the electric thermostat in 1885, which provided a fundamental shift in the energy efficiency of buildings. Now, all over the world, our products and services empower customers and communities to consume less energy and conserve resources.
Global, innovative, industry leader
Growth opportunities abound
Fast paced, evolving company, always learning, always adapting
Great benefits, including healthcare-related wellness discounts, great 401k match, company-funded retirement program, vacation, sick time, floating holidays and national holidays
What you will do
This is an ideal time for those skilled in IT risk management and compliance at JCI. Building on the momentum of its investment in its cybersecurity capability, JCI seeks to expand the scope of its IT risk management and compliance.
In this role, you will act as a subject matter expert for compliance requirements and the deployment of enterprise and local controls and the evaluation of compensating controls. This position requires strong communication abilities, as it engages with cross-functional business partners, team members, and leadership across the organization.
As an influential member of the compliance team, this position addresses systems and processes that impact environments in scope for PCI and reinforces the compliance culture at JCI by demonstrating a strong understanding of current and upcoming trends in cybersecurity compliance, the PCI DSS and complementary audit requirements and controls.
The Governance, Risk & Compliance (GRC) Payment Card Industry Data Security Standards (PCI DSS) Compliance Lead enables Johnson Controls' continuous compliance with applicable laws, regulations, and frameworks with specific focus on the Payment Card Industry Data Security Standard.
How you will do it
Administer the compliance program within the Global Information Security function with particular focus on Payment Card Industry Data Security Standard (PCI DSS)
Facilitate and execute enterprise scoping, control assessments, evidence collection, issue remediation, and reporting activities
Communicate program compliance issues and control gaps through governance and audit control processes
Provide consultative support to cross-functional business partners on the methods, practices and solutions that achieve the requirements defined by applicable compliance frameworks
Administer the annual re-certification for PCI compliance across in-scope card processing environments
Conduct and document evaluations of compensating controls
Administer the JCI common controls framework to ensure relevant internal and external information security requirements are mapped and communicated to the enterprise
Maintain compliance-related policy, standard and procedure documentation to drive consistent, reliable, and repeatable compliance activities
Coordinate relevant policy, standard, and procedural changes with key IT and business partners
Support the development and implementation of PCI security awareness, training, and continuous improvement efforts
What we look for
5+ years of progressive IT Audit and/or Information Security work experience within a relevant security compliance role and setting, with broad exposure to multiple competing regulatory and industry-based requirements and environments.
Bachelor's degree (IT/IS or business preferred)
Experience in operationalizing IT compliance activities and programs, and proven presentation and facilitation skills
Experience preparing and presenting Attestations of Compliance and providing guidance in implementing controls stated in the PCI DSS self-assessment questionnaires.
Experience working with ISO 27001, NIST 800-53 security frameworks and PCI DSS Standard in complex IT operating environments is required.
Exceptional teaming skills incorporating cross-functional teams, peer relationships, informing, and understanding and appreciating differences.
Strong project management, prioritization, presentation, and facilitation skills, demonstrated ability to effectively manage multiple tasks and priorities and drive change across a complex organization, through multiple stakeholders
Strong consultative skills, with the ability to advise and consult with business and technical professionals.
Some international travel may be required.
Johnson Controls is a global diversified technology and multi industrial leader serving a wide range of customers in more than 150 countries. Our commitment to sustainability dates back to our roots in 1885, with the invention of the first electric room thermostat. We are committed to helping our customers win everywhere, every day and creating greater value for all of our stakeholders through our strategic focus on buildings.
Johnson Controls is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law. For more information, please view EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit www.johnsoncontrols.com/tomorrowneedsyou.
Johnson Controls, Inc.