Interested in joining a cause-driven, customer focused company dedicated to positively impacting the health of animals, people and the planet? Search our job listings below.
The Information Security mission is to protect the confidentiality, integrity, and availability of information and assets, such that Elanco can deliver on the brand promise to our stakeholders and customers. We will follow a risk-based approach, aligned with business objectives, to drive compliance efforts focused on Elanco maintaining secure operations and management of information. This position reports to the Information Security Senior Advisor responsible for Governance Risk and Compliance. This role focuses on maintaining information security compliance through promoting and partnering with various recognized roles, includes but not limited to System Owners/Custodian, Business Process Owners, Risk Owners, other Functional Group Leaders, Third Parties, external auditing or assessing partners. Responsibilities include identifying and assessing areas of concern, scoping engagements, validating policy compliance, automating test procedures, influencing action plans, partnering with management and audit team members to complete and improve assessment processes, and sharing of best practices and key learning across the organization. Assessments may involve the use of groupings (overlays) of information security controls for system/process authorization and continued operations, third party engagements, regulatory obligations, maturity of program, privacy concerns, information technology controls, and key business process(es). The emphasis of this position is on information security compliance.
- Security Assessment Leadership: Lead and partner with Elanco personnel or Audit/Assessment partners for the purpose of furthering Information Security compliance objectives.
- Security Assessment Execution: Evaluate the compliance status of information security controls and assist control owners to develop/use repeatable processes and procedures to remediate control gaps. Collect and report on remediation plans along with charting progress of open risk items to resolution.
- Process Ownership: Improve/Further develop Information Security compliance processes using input from key stakeholders, internal policies and procedures, and external guidance. Bring standards-based perspective to influence compliance processes using past experiences and research of prevalent and applicable risks and regulations.
- Process Stewardship: Implement and support assessments using technology and evolving capabilities (e.g., analytics, platforms, automation, orchestration).
- Communication: Provide insight, awareness, education on Information Security Assessments to organizational management at varying levels and functions. Provide appropriate reporting and metrics to stakeholders.
- Administrational Tasks: Support for additional Information Security GRC efforts, such as improvements/management/guidance when selecting/using/building/supporting tools, platforms, process(es), operational procedure(s). Enhance and maintain information security policy and standards framework and documentation
- Workforce Education and Awareness: Participate in strategy development and execution of ongoing efforts to educate the workforce about Information Security concerns and good practices through collaboration/tools/services/events
- Maximize People: Contribute to an atmosphere of teamwork and continual learning.
- Delivery: Ability to effectively prioritize and complete key tasks and deliverables
- Bachelor’s Degree
- Prior information security, quality, risk management and/or audit experience preferred (4-7 years in comparable position or responsibilities) Related Certifications desired.
- Qualified candidates must be legally authorized to be employed in the United States. Elanco does not anticipate providing sponsorship for employment visa status (e.g., H-1B or TN status) for this employment position.
Additional Skills & Preferences:
- Strong learning agility
- Ability to influence with or without authority
- Experience working in a global organization with globally dispersed stakeholders
- Demonstrated ability to establish and leverage key internal and external cross-functional relationships to further accomplish support for compliance, risk management and governance
- Business Acumen: proven ability to understand the requirements of the business as they relate to information security and associated compliance efforts
- Understanding solution lifecycle management and associated information security compliance
- Communication skills including experience effectively delivering guidance/findings/directions to both technical non-technical audiences
Elanco is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status