Security Governance, Risk and Compliance Analyst

Position Title: Security Governance, Risk and Compliance Analyst

Reports to: Head of Security Governance

ABOUT THE WELLA COMPANY

Together, WE enable individuals to look, feel, and be their true selves.

Wella Company is one of the world’s leading beauty companies, comprised of a family of iconic brands such as Wella Professionals, Clairol, OPI, Nioxin and ghd. With 6,000 employees globally, presence in over 100 countries, Wella Company and its brands enable consumers to look, feel, and be their true selves. As innovators in the hair and nail industry, Wella Company empowers its people to delight consumers, inspire beauty professionals, engage communities, and deliver sustainable growth to its stakeholders. For additional information about the Wella Company please visit www.wellacompany.com.

THE ROLE

The Cyber Governance, Risk and Compliance Analyst is responsible for ensuring that Wella can demonstrate compliance with industry standards and regulatory obligations in the use of technology to meet business objectives, including performing, tracking, and reporting on the effectiveness of controls, compliance activities, and risk assessments.

KEY RESPONSIBILITIES

You will execute Cyber governance, risk, and compliance activities to ensure that Wella can demonstrate that its control environment is aligned with audit, risk, industry, and regulatory requirements. Work with key stakeholders to drive consistent and continuous compliance with Cyber controls framework and coordinate internal and 3rd party assessments.

• Provide subject matter expertise on industry-recognized control frameworks, such as COBIT, NIST, ISO, and similar standards
• Manage the development and implementation of Cyber governance, risk, and compliance policies and procedures
• Provide expert-level guidance on implementation, monitoring, and evidence collection to demonstrate alignment with industry-recognized control frameworks
• Plan, schedule, track, monitor, and manage issues related to audit, compliance, and risk assessments
• Provide guidance on company policies that affect the Cyber and IT control environment
• Perform periodic reviews and evaluations of Wella Cyber governance, risk, and compliance program to validate that the program adequately aligns with Cyber, audit, risk, industry, and regulatory reporting and evidence requirements
• Provide subject matter expertise and guidance to the lines of business on interpretation of Cyber requirements to ensure successful completion of internal and external assessments
• Ensure strategic objectives of the Compliance & Ethics Program are met in the context of Security governance, risk, and compliance, including execution of program assessment activities, coordination of response and tracking of action items for remediation
• Identify areas of potential improvement
• Create reporting for Cyber governance, risk and compliance activities to the wider Cyber team and key stakeholders
• Perform third party due diligence Cyber reviews, assist with responses to audit and customer questionnaires
• Prepare Wella staff for planned Cyber governance, risk, and compliance assessment activities

ESSENTIAL SKILLS, EXPERIENCE & QUALIFICATIONS

Education:

• Bachelor’s degree or an equivalent combination of education and experience

Experience:

• Experience implementing, documenting, tracking, and maintaining technology compliance frameworks
• Experience performing compliance assessments, information security, risk management, and/or technology risk management
• Industry certifications are highly preferred

WHAT WE OFFER

• 25 days holiday + additional day off for your birthday (not including bank holidays)
• 3 days’ personal leave for your own signification life events
• 2 paid days off for volunteering/charity work
• Optional Wella Pension Scheme (8% employer contribution, 3% employee contribution)
• Optional Family Private Medical Insurance Cover
• Income Protection
• Life Insurance (8x base salary up to 2 million payable in the event of your death in service of Wella)
• Staff Discount (80% of all hair products, 40% OPI, 1 x 50% ghd)
• EAP (Employee Assistance Program)
• Enhanced maternity, paternity, and adoption leave
• Gym Benefits
• Eye Tests
• WOW Program (Bonus following exit from KKR, eligible after successful probation. For permanent employees only)
• Workplace/Nursery Benefits
• 4 weeks working remotely abroad
• Early Friday Finish during Summer

EEO OPPORTUNITIES

The Wella Company wants to meet the aims and commitments set out in its equality policy. This includes not discriminating under the Equality Act 2010 and building an accurate picture of the make-up of the workforce in encouraging equality and diversity.

We offer equal employment opportunity to qualified individuals without regard to race, religion or belief, color, national origin, age, gender, disability, sexual orientation, gender identity, gender expression, marital or civil partnership, pregnancy and maternity, veteran status, or any other characteristic protected by law. Wella Company with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact us at: https://www.wellacompany.com/consumer-affairs

We strongly believe that cultivating a diverse workplace gives a company strength. The combination of unique skills, abilities, experiences and backgrounds creates an environment that produces extraordinary results. EOE Minorities/Females/Protected Veterans/Disabled.

English - Please click on this link to review the Notification of Equal Opportunity Rights poster