Description Kenvue is currently recruiting for Cyber Governance, Risk and Compliance (GRC) Lead.
This position reports into Director Cyber Risk Governance and is based at Sao Jose dos Campos, Brazil.Who We Are At Kenvue , part of the Johnson & Johnson Family of Companies (Kenvue), we believe there is extraordinary power in everyday care.
Built on over a century of heritage and propelled forward by science, our iconic brands-including NEUTROGENA ® , AVEENO ® , TYLENOL ® , LISTERINE ® , JOHNSON'S ® and BAND-AID ® -are category leaders trusted by millions of consumers who use our products to improve their daily lives.
Our employees share a digital-first mindset, an approach to innovation grounded in deep human insights, and a commitment to continually earning a place for our products in consumers' hearts and homes.Join us in shaping our future--and yours.Position Summary The Cyber Governance, Risk and Compliance (GRC) Lead will develop and implement cyber GRC policies and procedures to ensure compliance with industry standards and regulations.
They will be responsible for managing the Cyber Issue Register and providing support to peers and business partners.
Additionally, they will collaborate with cross-functional teams to establish governance processes and procedures for the overall Cyber program.What will you do The Cyber Governance, Risk and Compliance (GRC) Lead is responsible for ensuring the organization's adherence to cyber GRC policies and procedures.
They will lead and manage cyber GRC projects from inception to completion.Key Responsibilities • Develop, implement, and maintain cybersecurity policies, procedures, and standards to address emerging threats and maintain a strong security posture, while ensuring compliance with industry standards and regulations.• Develop and maintain an effective cybersecurity governance framework to ensure alignment with organizational goals and industry best practices.• Provide support and governance of the Cyber Issue Register, manage backlog of enhancements, and prioritize improvements, as necessary.• Establishing governance processes and procedures for the overall Cyber program.• Stay up to date on industry trends, best practices, new and upcoming laws, and regulations related to cyber GRC.• Develop, prepare, and present reports on cyber GRC activities and initiatives, as needed.• Lead and manage cyber GRC projects from inception to completion.• Create and maintain documentation and provide training to end-users as needed.• Anticipate and resolve issues/barriers that impede progress, and proactively communicate with and seek assistance from key stakeholders.What We Are Looking For Required Qualifications • Bachelor's degree in computer science, Information Systems, or a related field, or equivalent experience.• At least 3 years of experience in cyber governance, risk management, and compliance.• In-depth knowledge of industry standards and regulations, such as NIST CSF, 800-53, ISO 27001, and GDPR.• Strong analytical and problem-solving skills.• Excellent communication and interpersonal skills.• Ability to work independently and as part of a team Desired Qualifications • Experience with cyber GRC tools and technologies, such as RSA Archer, MetricStream, or ServiceNow.• Certifications such as CISA, CISM, CISSP, or CRISC are a plus.Kenvue is proud to be an Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
