Design Your Future at PVH
Analyst, Cyber Security Policy and Standards - PVH Corp.
POSITION SUMMARY:
We are seeking a skilled and detail-oriented IT Security Policies and Standards Analyst.
The Cybersecurity Policy and Standards Analyst is responsible for assisting in the development, maintenance, and promotion of security policies, standards, and guidelines. This role ensures that PVH cybersecurity practices adhere to regulatory requirements and are aligned with industry best practices.
PRIMARY RESPONSIBILITIES/ACCOUNTABILITIES OF THE JOB:
Policy and Standards Development:
Collaborate with various departments to develop, refine, and implement cybersecurity policies, standards, and guidelines.
Translate technical requirements and risks into understandable policies and standards for a diverse audience.
Regulatory and Compliance Oversight:
Monitor and analyze changes in legislation, regulations, and industry standards that impact organizational cybersecurity practices.
Support the organization's compliance initiatives by conducting gap assessments and recommending remediation strategies.
Stakeholder Engagement:
Engage with business units and technical teams to ensure that security requirements are understood and integrated into projects.
Promote awareness and understanding of security policies and standards across the organization.
Continuous Improvement:
Periodically review and update existing policies and standards to ensure they remain relevant in the face of evolving threats and changing business needs.
Assess the effectiveness of policies and standards through metrics, feedback, and audits.
Training and Documentation:
Assist in developing training content related to security policies and standards.
Maintain comprehensive and up-to-date documentation on all cybersecurity policies and standards.
Collaboration and Support:
Collaborate with the incident response team to understand security breaches and adjust policies accordingly.
Provide subject matter expertise in cybersecurity policy and standards during internal projects and initiatives.
Maintain a centralized register (database)
All PVH related cybersecurity policies are correlated to associate controls. The platform for which policies and standards are created, reviewed and approved are the responsibility of the analyst.
QUALIFICATIONS & EXPERIENCE:
Experience:
Minimum of [5 Tyears] of experience in cybersecurity, with a focus on policy and standards development.
Familiarity with common cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Critical Security Controls).
Strong written and verbal communication skills, especially in explaining complex technical topics to non-technical audiences.
Ability to prioritize tasks and work in a fast-paced environment.
Knowledge of current and emerging cybersecurity threats and trends.
Education:
High School graduate
Bachelor's degree Information Security, or a related field are preferred.
Relevant certifications such as CISSP, CISM, or CRISC are preferred.
Skills:
1. Technical and Fundamental Skills:
Cybersecurity Knowledge: Comprehensive understanding of cybersecurity threats, vulnerabilities, defense strategies, and best practices.
Regulatory Knowledge: Familiarity with major cybersecurity regulations and standards such as GDPR, CCPA, HIPAA, NIST, ISO 27001, and CIS Critical Security Controls.
Technical Proficiency: Ability to understand and engage in technical discussions related to IT infrastructure, software development, cloud services, and other digital technologies**.**
Risk Assessment: Proficiency in identifying and assessing cybersecurity risks.
Incident Response: Basics of how to respond to cybersecurity incidents and breaches.
2. Analytical Skills:
Policy Analysis: Ability to assess and refine policies for clarity, coherence, and effectiveness.
Critical Thinking: Evaluate complex problems, identify root causes, and develop solutions.
Research Skills: Stay up-to-date with evolving threats, technologies, and regulations.
3. Soft Skills:
Communication: Articulate complex technical and security issues to a diverse audience, both in writing and verbally.
Collaboration: Work effectively across various teams and departments.
Attention to Detail: Ensure that policies and standards are accurate, comprehensive, and clear.
Adaptability: Adjust to the rapidly changing landscape of cybersecurity threats and regulations.
4. Project Management:
Organizational Skills: Manage and prioritize multiple tasks and projects simultaneously.
Time Management: Work within tight deadlines and under pressure.
Stakeholder Management: Engage with various stakeholders, gather feedback, and drive alignment.
5. Educational and Continual Learning:
#LI-BC10
#LI-Hybrid
PVH Corp. or its subsidiary ("PVH") is an equal opportunity employer and considers all applicants for employment on the basis of their individual capabilities and qualifications, consistent with applicable law and without regard to race, color, sex, gender identity or expression, age, religion, creed, national origin, citizenship status, sexual orientation, genetic information, physical or mental disability, military status or any other characteristic protected under federal, state or local law. In addition to complying with all applicable laws, PVH also has a strong corporate commitment to inclusion, diversity and to ensuring that all current and future PVH associates are compensated solely on job-related factors such as skill, ability, educational background, work quality, experience and potential. To achieve these goals, across the United States and its territories, PVH prohibits any PVH employee, agent or representative from requesting or otherwise considering any job applicant’s current or prior wages, salary or other compensation information in connection with the hiring process. Accordingly, applicants are asked not to disclose this salary history information to PVH
http://www.pvh.com