Unit Lead - GRC

Company: American Honda Motor Co Inc
Location: Marysville
Posted on: November 20, 2023

Job Description:

Unit Lead - GRC

Location: Marysville, OH
Workstyle: Hybrid

What Makes a Honda, is Who makes a Honda

Honda has a clear vision for the future, and it's a joyful one. We are looking for individuals with the skills, courage, persistence, and dreams that will help us reach our future-focused goals.

At our core is innovation. Honda is constantly innovating and developing solutions to drive our business with record success. We strive to be a company which serves as a source of "power" that supports people around the world who are trying to do things based on their own initiative and that helps people expand their own potential. To this end, Honda strives to realize "the joy and freedom of mobility" by developing new technologies and an innovative approach to achieve a "zero environmental footprint."

We are looking for qualified individuals with diverse backgrounds, experiences, continuous improvement values, and a strong work ethic to join our team.

If your goals and values align with Honda's, we want you to join our team to Bring the Future!

About this Position:

As the GRC Unit Lead for American Honda Motor - North America Region, you will provide leadership for designing, implementing, and managing control and compliance teams and programs. The GRC Unit Lead oversees the management, training, and development of controls and compliance and measures the overall program's effectiveness for Risk Management and Reporting, Regulatory Compliance and Audit Interface, Privacy Security Interface, Third-Party Supply Chain Risk Management, and Security Awareness Training providing cybersecurity protection services. This role will be expected to effectively manage daily operational tasks and security services for continuous improvement to include compliance tracking, risk intake, risk exception processing, and security awareness.

The GRC Unit Lead has experience being an ambassador for a diverse security program. Knowing how to communicate clearly and succinctly to influence others without complete decision authority is a critical skill. In addition, they will have experience working with a broad set of individuals, such as engineers, program managers, compliance and risk managers, auditors, and senior leaders to accomplish desired objectives.

The scope of this role is providing cybersecurity protection services to all 4 critical business environments: Enterprise IT (Offices, Data Centers, End User Devices), Manufacturing OT (Plants, Distribution Centers, Robots, IoT sensors), Connected Products and the Connected Ecosystem of 3rd party suppliers, dealers, service providers throughout the North America Region.

Responsibilities include:

• Leadership and Producing Results: Knowledge of leadership practices and processes; ability to use strategies and skills to enlist others in setting, embracing, and achieving objectives while having a long-term perspective of the future state of things and how to get there. Understanding of the criticality of getting things done in spite of current circumstances and the ability to utilize assigned resources and leverage back-channel resources (individuals or teams) to achieve or exceed planned outcomes.
  o Mentoring, managing, and motivating a high-performing team of managers and engineering professionals and setting clear priorities to achieve enterprise goals and KPIs.
  
  o Utilizes positive reinforcement to motivate & attain desired behaviors; increases productivity.
  
  o Manages own behaviors during interactions, such as feedback giving, to shape workplace events.
  
  o Identifying, recommending, developing, implementing, and supporting new technical solutions, tools, and processes to improve end-user experience, maximize business value and efficiencies as well as driving modernization, automation, and optimization to continuously improve operational effectiveness, agility, performance, availability, and cost of the network services and staff.
  
  o Ensures time, resources, energy, and actions are focused on priorities that matter to the business while reliably meeting all team commitments, quotas, and goals.
  
  o Communicates a strong sense of urgency about solving problems and getting work done.
  
  o Makes effective use of resources not under own direct control.
  
  o Takes risks in improving products and services while holding self and others accountable.
• IT Governance: Knowledge of the accountability framework and processes used to encourage proper behavior in IT activities and operations; ability to implement IT systems and controls to meet business needs and requirements.
  o Recommends technology-based solutions that enable or facilitate IT governance.
  
  o Leads in the implementation of IT governance planning and integration processes.
  
  o Collaborates with Honda leadership to ensure global governance standards are implemented and effective to protect systems in all regions
  
  o Directs the discussion of issues and considerations for regulatory agencies and reporting requirements.
  
  o Consults on the application of a governance model for one of more IT functions.
  
  o Designing and managing the Security Awareness Team to define program objectives, strategy, and execution for cybersecurity training and awareness, measurement, and monitoring.
  
  o Elaborates the importance of IT security and improves organizational awareness.
  
  o Monitors the implementation of IT security standards and procedures within the organization.
  
  o Designs organizational IT security policies, standards, and procedures.
  
  o Leads in IT audit projects and processes to ensure no violation.
  
  o Provides leadership for the Policy Management team to coordinate and communicate new policies, standards, and controls.
• Compliance and Assurance: Knowledge of compliance and assurance processes, regulations and standards involving different systems; ability to facilitate the processes and assess and enhance the organization's internal controls with evolving compliance standards.
  o Evaluates inspection or compliance results and liaise with stakeholders and asset owners to identify reasons for gaps or non-compliance.
  
  o Coaches' other resources on the elements and considerations in the development of compliance processes.
  
  o Proposes enhancements to compliance processes or security controls to strengthen cybersecurity governance.
  
  o Analyzes findings to determine systemic and recurring compliance findings.
  
  o Leads the Compliance Team's coordination efforts with internal and external audit teams, regulators, and all compliance/regulatory committee working groups and reviews.
  
  o Provides oversight and leadership for the Privacy lead's coordination with Legal and the Privacy Office to identify policies and processes where security controls support effective privacy practices and comply with applicable privacy laws and regulations.
• Cybersecurity Risk Management: Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize negative impacts by cybersecurity risks.
  o Establishes risk management strategy to better respond to organizational cyber threats landscapes.
  
  o Provides insight into cyber risks management based on a whole system understanding of organization IT infrastructure.
  
  o Consults on the adoption of advanced cyber risk maturity models specific to organization's business requirements.
  
  o Determines the overall architecture of cyber security risk management system.
  
  o Leads the Risk Management and Reporting team to ensure the Risk Register, risk exception processes, and remediation plans are up to date as well as creating and delivering reports on high-level or aggregate (includes KRI and risk performance) metrics.
  
  o Provides direction and leadership for the formalization of third-party risk control levels, requirements, and ownership while serving as primary liaison to Audit and Compliance, Procurement, and Legal for third-party incidents.
  
  o Ensures third-party risk information is collected, reported, and distributed to key stakeholders in a timely manner to effectively impact business decision making processes.
• Stakeholder Management: Knowledge of stakeholder management techniques; ability to systematically identify stakeholders, analyze their needs and expectations, and implement various tasks to engage with them.
  o Evaluates stakeholder profiles, roles, claims and interests in an organization and how these may conflict.
  
  o Consults stakeholders in identifying opportunities for strategic change while evaluating the strategic choices available to an organization.
  
  o Manages conflicting stakeholder priorities, when implementing strategic-change initiatives.
  
  o Oversees business operations and resource allocation with strategic objectives and the drivers of shareholder and stakeholder value.
  
  o Reviews professional values and ethical judgment in all aspects of work.
  
  o Oversees key client reviews to assure service and stakeholder satisfaction.
• Vendor/Supplier Management: Knowledge of external provider management processes and ability to effectively manage the business relationship with external providers (e.g., vendors, service providers, contractors, consultants, and suppliers). Manages actual and perceived conflict of interest issues.
  o Monitors and communicates vendor effectiveness, reliability, and performance.
  . click apply for full job details

Keywords: American Honda Motor Co Inc, Columbus , Unit Lead - GRC, Other , Marysville, Ohio