"At L.L.Bean, we believe the outdoors brings out the best in all of us. We are committed to fostering a culture of belonging and creating safe, inclusive spaces where everyone feels welcome—both here and Outside. We value individual differences and are dedicated to maintaining an inclusive work environment where everyone can bring the best of their experience and talents and truly thrive."
Position Purpose: As a core member of the Governance, Risk, and Compliance Team, this position will play a key role in planning, organizing, communicating, project managing, and reporting the IS GRC Compliance related audits and assessments. Supports GRC, Business, and IT Leadership through developing and maintaining PCI, NIST and L.L. Bean policy compliance documentation and processes in partnership with peers and manager.
We offer:
- Extraordinary employee experience
- Flexible schedule
- Working from home
- Fitness subsidy
- Education subsidy
- 3 paid days to enjoy outdoor activities
- 5 Personal/sick days
- L.L.Bean employee discount
- Solidarity association (Asociación Solidarista)
- Life and medical insurance
- Company doctor
About the role:
- Support the review, distribution and compliance of internal and external IT policies.
- Conducts effective PCI audit planning, including identifying evidence or control gaps, remediation activities and projects, and managing and working with the PCI Qualified Security Assessor (QSA).
- Communicates above, below, and outward with an informative, helpful, service-based mindset to manage timely audit and assessment evidence collection or control testing.
- Support the IS Compliance documentation and process repositories and continually revisit them for opportunities to improve communications or efficiencies.
- Ensures communication is maintained with business areas throughout the duration of an assessment or audit and that observations are presented to GRC and IS Sr. Leadership appropriately.
- Report all PCI and Compliance project portfolios to the GRC team and leadership.
- Manage potential GRC Compliance contract project management staff, including project assignments and administration of contractors, as well as managing relationships with organizations like the PCI Security Council.
- Prepares professional, well-documented reporting throughout and at the conclusion of every audit or assessment engagement.
- Follows up on open audit recommendations to communicate reminder deadlines and offer support if needed.
- Independently manages workload and provides regular updates on progress against plan.
- Assists in the identification and prioritization of audit risk areas during the development of the annual audit plan by working with the GRC Risk and Security Operations teams.
- Develops and maintains business relationships with leadership in assigned service units and/or business units.
- Provides feedback and makes recommendations to continuously improve department procedures and work standards.
- Ensures that audit and assessment procedures and process documentation stay updated and current, including managing the Compliance Team tools for accurate reporting and management.
- Assumes additional related responsibilities as requested.
About you:
Education Level: Bachelor’s degree in Management, Accounting, Finance or another related field
Experience: 4+ years of experience in security, compliance, and/or audit
English Level: C1 (Advanced)
Skills and Qualifications
- Familiar with frameworks: PCI, NIST Cybersecurity, NIST Privacy, State Privacy Laws, CISv8, etc.
- Excellent computer skills
- Excellent oral and written communication skills
- Production- and results-oriented
- Strong business acumen
- General IT acumen
- Demonstrated team-building skills
- Nice to have: Certifications: PCIP, ISA, NIST, SOX, etc.
"If you care about the outdoors, joining L.L.Bean is a great way to feel good about what you do. Our benefits package makes a good thing even better, with programs and perks designed to support your health and financial goals. Plus, maintaining a healthy work-life balance and re-charging outside are all part of the plan.
If your experience looks a little different from what we've identified and you think you'd be great at this role, we'd love to learn more about you! At L.L.Bean, we believe the outdoors brings out the best in all of us. We strive to reflect this every day in our commitments to employees and partners and in our efforts to promote belonging."
What We Do
Welcome to the outside. The official LinkedIn for L.L.Bean. #BeanOutsider

L.L.Bean, Inc. is a leading multi-channel merchant of quality outdoor gear and apparel. Founded in 1912 by Leon Leonwood Bean, the company began as a one-room operation selling a single product, the Maine Hunting Shoe. While its business has grown substantially, the company remains committed to the same honest principles upon which it was built – a focus on the customer, continuous product improvement and innovation, respect for people, and preservation of the natural environment. The 220,000 sq. ft. Flagship campus of stores in Freeport, Maine is open 24 hours a day, 365 days a year and welcomes more than three million visitors each year. L.L.Bean can be found worldwide on http://www.llbean.com/ and in over 160 countries via the catalog and website.

http://www.llbeancareers.com
http://www.llbeanbusiness.com

While exploring job opportunities, we recommend you use caution to protect against internet, email and telephone scams, which have become increasingly prevalent. Some of these scams seek to entice victims to pay money or divulge sensitive personal information via fake interviews, employment applications or even offer letters. Please keep the following in mind if you are seeking employment with L.L.Bean:

- An L.L.Bean employee will not solicit candidates through a non-L.L.Bean email address or phone number (such as Yahoo, Hotmail or Gmail).
- Positions posted on external sites (such as LinkedIn or Indeed) should also appear on llbeancareers.com, if legitimate.
- L.L.Bean will never ask for personal information early in the interview process (such as your social security number, national insurance number, date of birth, bank account information, or other sensitive personal information). This information is only required after L.L.Bean offers you a job and you accept the position.
- Bank information will not be collected prior to the first day of employment.









