Job Information

Trane Technologies Director of Cybersecurity Governance, Risk and Compliance in Davidson, North Carolina

Director of Cybersecurity Governance, Risk and Compliance

Davidson NC 800E Beaty St, Davidson, North Carolina, United States

Information Technology

Requisition # 2102837

At Trane Technologies® we Challenge Possible. Our brands – including Trane® and Thermo King® - create access to cooling and comfort in buildings and homes, transport and protect food and perishables, connect customers to elevated performance with less environmental impact, dramatically reduce energy demands and carbon emissions, and innovate with a better world in mind. We boldly challenge what’s possible for a sustainable world.

The Role

As part of the IT Security Leadership Team, this role is responsible for establishing and maintaining Trane Technologies’ overall cybersecurity governance, risk and compliance program, which is designed to ensure that the company’s IT systems and information assets are adequately protected. The individual in this position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets Trane Technologies’ regulatory and other compliance requirements. The Director of Cybersecurity Governance, Risk and Compliance works proactively with leaders of all levels from across the company to design and implement controls that meet Trane Technologies’ defined policies and standards.

Principal Responsibilities

Governance

• Work directly with IT and business unit leaders to facilitate IT risk analysis and risk management processes, identify acceptable levels of residual risk, and establish roles and responsibilities related to information protection

• Facilitate business alignment and communications by creating risk and compliance reporting suitable for various stakeholders, Steering Committees and Councils

• Liaise closely with Audit and Enterprise Risk Management on audits, risk assessments and executive-level reporting

• Facilitate third-party and regulatory inquiries related to Trane Technologies’ security programs and controls

• Maintain an up-to-date understanding of industry best practices, and monitor the legal and regulatory environment for developments that could require changes to Trane Technologies’ established IT policies and practices

• Coordinate and participate in information security and risk management projects with personnel from IT and business units

• Lead business impact analysis and disaster recovery planning efforts

Risk

• Document risks associated with Trane Technologies’ business, products, systems and information assets

• Ensure highest risk projects, systems and

• Design, conduct and review risk assessments of several types, including:

o Projects

o Suppliers

o Applications

o Key Infrastructure components

o Acquisitions and joint ventures

• Follow up on findings identified in reviews, assessments, automated scans, and internal and external audits to ensure that appropriate actions have been taken

• Continuously report on status of findings to the CISO, CIO and other key leaders

• Manage reviews of third-party suppliers, coordinating closely with IT Sourcing and Legal

Compliance

• Oversee the company’s PCI-DSS Compliance program

• Provide leadership and direction to ongoing privacy legislation compliance activities (GDPR, CCPA, etc.), in partnership with Privacy

• Manage and maintain IT General Controls for SOX Compliance, associated Quarterly Self Assessments, and drive remediation of all identified control deficiencies

Candidate Profile/Qualifications

• Bachelor’s degree in a related field and/or a minimum of 15 years of equivalent experience

• Experience securing multiple platforms and operating systems

• A solid understanding of network design and architecture

• In-depth knowledge of technology, security, risk, and compliance best practices

• Strong capability in interfacing with both technology and business areas

• Experience in risk assessment methodologies and tools

• Excellent interpersonal skills and ability to create collaborative relationships with colleagues and influence without authority

• CISM, CISSP, CISA preferred

• Travel: 5-10%

We offer competitive compensation and comprehensive benefits and programs that help our employees thrive in both their professional and personal lives. We are proud of our winning culture which is inclusive and respectful at its core. We share passion for serving customers, caring for others, and boldly challenging what’s possible for a sustainable world.

We are committed to achieving workforce diversity reflective of our communities. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, pregnancy, age, marital status, disability, status as a protected veteran, or any legally protected status.
