Restaurant Brands International
Location: Miami,FL, USA
Date: 2024-12-21T20:04:29Z
Job Description:
About Restaurant Brands International: Restaurant Brands International Inc. is one of the world's largest quick service restaurant companies with over $40 billion in annual system-wide sales and over 30,000 restaurants in more than 100 countries. RBI owns four of the world's most prominent and iconic quick service restaurant brands TIM HORTONS, BURGER KING, POPEYES, and FIREHOUSE SUBS. These independently operated brands have been serving their respective guests, franchisees and communities for decades. Through its Restaurant Brands for Good framework, RBI is improving sustainable outcomes related to its food, the planet, and people and communities. Job description The Director - IT Governance, Risk and Compliance will lead the information security team who works collaboratively with IT and Legal within the overall IT Security function, focusing on IT governance, IT Controls and broadening of the IT Compliance and Risk Management programs. This position supports the ongoing IT Security risk management program as well as Vendor Risk Management and regular company training and phishing campaigns. The role is primarily focused on design and implementation of controls and compliance activities as part of regularly scheduled processes (e.g., ITGC, system maintenance) and key initiatives (e.g., IT roadmap projects) at the Company. Key responsibilities include: Lead Contributor to the RBI IT Governance, Risk and Compliance program Lead company process for Third Party Risk Management Lead company program for DSAR (Digital Signature Access Request) administration. Administer regular company training and phishing campaigns Maintain the IT Compliance function with a focus on NIST Management of RBIs NIST framework program, including coordination of periodic risk assessments, identification of new and changing requirements, and collaboration with Internal and External control owners and Audit teams to ensure appropriate risk coverage RESPONSIBILITIES AND DUTIES: Lead the RBI IT Security team in monitoring the SOX compliance program. Act as lead for IT on key internal control related matters (Sarbanes Oxley (SOX) compliance, segregation of duties, policies and procedures, the design of controls in systems and processes, and evaluation of risk). Administer periodic risk assessments, track issues/action plans and drive risk remediation actions to completion. Lead requests to review all new third parties that handle RBI information Administer DSAR program to ensure all requests to have data removed are handled in a timely manner. Serve as team member during IT projects formed to drive business process and systems enhancements with final word on controls related matters. Develop and proactively enhance IT controls by enhancing and supplementing policy, process, and standard operating procedures. Support IT Roadmap projects by advising on minimum IT risks founded in NIST, SOX and best practices. Drive process improvement initiatives across the IT organization. Skills Bachelors Degree in management information systems (MIS), Accounting, Computer Science or Finance preferred though not required; CISA (or equivalent) preferred; or relevant technical experience Ideal candidate has worked with a GRC tool, has some experience in IAM (Identity and Access Management) and has worked with business and IT functional areas to develop and implement mitigating controls Experience with OneTrust to perform third party access requests as well as DSAR requests to ensure customer data is deleted upon request. Experience performing user administration in Windows Active Directory (AD) or SAP Experience administering training tools such as Knowbe4 or HoxHunt Experience with GRC software (i.e. Auditboard, Archer or similar) a plus NIST, AD, SAP experience Relevant experience in IT controls or IT Auditing with some background in segregation of duties or financial controls Experience of working in a global IT enterprise environment with knowledge of IT controls (change management) and systems audit requirements preferred Some knowledge of financial/business processes and automated controls a Coupa, SAP or other Experience with Azure, Application Security tools, web-based security tools. Strong project management and prioritization skills ability to multi-task as needed on various projects and initiatives MS Office software suite knowledge required Restaurant Brands International and all of its affiliated companies (collectively, RBI) are equal opportunity and affirmative action employers that do not discriminate on the basis of race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or veteran status, or any other characteristic protected by local, state, provincial or federal laws, rules, or regulations. RBI's policy applies to all terms and conditions of employment. Accommodation is available for applicants with disabilities upon request.
Apply Now!