Job Description

Essential Job Functions (Tasks, Duties and Responsibilities)

IT Governance (80%)

 Evaluates and updates security policies, procedures, and standards to ensure alignment with applicable security control requirements

Coordinates with data owners to ensure accuracy and completeness of sensitive information
Assist and oversee building the Information Governance program for Carters
Provide services relating to governance and assurance for handling electronic information, including:
Review of guidelines related to information security and management, and coordinate with various teams to ensure compliance with requirements
Coordinate with data stewards to classify what data we have, where its located and how its managed
Manage and upkeep of data maps process i.e., workflows within One Trust that handle personal and consumer information
Monitoring and management of data loss prevention technologies, with investigation as appropriate including collaborating with other information governance stewards from other departments
Coordination of data collection from internal and external systems in support of internal groups
Assist with other information governance and compliance needs for Carters

IT Risk Management (10%)

Assists with the execution of IT security risk assessments against industry leading security controls frameworks
Regularly updates metrics and analysis to track remediation progress and demonstration of control maturity and effectiveness
Evaluates the adequacy and effectiveness of safeguards protecting sensitive Company information

IT Compliance (10%)

Assists with vetting security for 3rd party vendor reviews
Assist with the Cyber Security quarterly review process

 Supervisory/ Budgetary/ External Communications

Reports to the Director, IT Risk & Compliance
No Direct Reports

 Secondary Functions (IF Applicable)

As needed, independently researches information governance related assignments
Assists with special projects and risk mitigation objectives

Experience and Skills

Knowledge Skill and Ability Requirements (Minimum Required for Job Performance)

Experience implementing information governance plans
The ability to think critically, assess and quantify technology risk, document complex processes, and collaborate effectively with cross-functional stakeholders is required. 

Prior work Experience and Educational Requirements

Bachelors degree is required, technical degree is preferred.
Professional certification (CISA, CISM, CGEIT, CRISC or similar)
4+ years experience in IT with experience in at least 2 of information governance program