Patterson
Security Lead – Risk & Compliance
Patterson, Saint Paul, Minnesota, United States, 55199
Patterson isn't just a place to work, it's a partner that cares about your success.
One of the distinguishing marks of our company is the talented people who embrace the people-first, always advancing, and results-driven culture. Professional growth abounds in this motivating environment. We value the diverse talents and experiences our employees bring to Patterson and believe that they build a stronger and successful organization.
As the Security Lead – Risk & Compliance, you will play a crucial role in enhancing our organization’s security posture. Join our talented and dynamic Information Security team to lead key programs and initiatives, identifying, managing, and reporting on security and data protection risks affecting the availability, confidentiality, and integrity of Patterson’s information systems, data, and technology assets. This role involves designing, assessing, and supporting security and data protection controls and the associate security programs ensuring compliance with audit and regulatory requirements. Additionally, advocating for security solutions across Security, IT, and Business teams, with the opportunity to mentor and lead associate staff.
At Patterson Companies, we pride ourselves on our strong corporate values, longstanding history, and commitment to growth, all while fostering a respectful and supportive environment for our employees.
Responsibilities:
Lead the PCI-DSS compliance program, designing, implementing, and evaluating processes to validate and report on readiness.
Oversee the Third-Party Risk Management program to identify, report, and remediate security and data protection risks impacting technology assets and data throughout the supply chain.
Partner with various teams to lead assessments, report on remediation, and ensure organizational compliance with audit, regulatory, and compliance obligations.
Collaborate with cross-functional teams to ensure cohesive security strategies and implementations.
Identify, evaluate, and report on security and data protection risks, developing and implementing strategies to mitigate identified risks.
Assist in the implementation and management of the GRC compliance platform, ensuring risk oversight, workflow optimization, and alignment with governance standards. Ability to assist and support implementation and oversight of risk & compliance reporting and dashboards such as through Microsoft Security Compliance.
Lead targeted initiatives, actively collaborating with IT, business stakeholders, and external vendors to prioritize security risks, recommend mitigations or remediations, and implement security controls.
Execute and maintain risk methodologies, owning IT risk processes aligned to frameworks such as NIST-CSF and ISO27001, supporting regulatory and compliance requirements like PCI DSS, SOC2, and SOX. 2
Establish process workflows and lead the design, deployment, integration, and initial configuration of security solutions to enhance GRC processes.
Manage metrics and reporting for program components within the scope of the role.
Lead and mentor team members, providing direction to accomplish team objectives effectively.
Minimum Qualifications:
At least 4 years work experience in information technology, cyber security, audit, compliance, risk, or information security.
Excellent collaboration and communication skills with ability to communicate risk to a diverse stakeholder group.
Proficiency in regulatory requirements and compliance standards (e.g. PCI-DSS, HIPAA, GDPR).
In-depth knowledge of security risk management and compliance frameworks (e.g. NIST-CSF, COSO, ISO27001/2, CSA, etc.).
Highly organized with attention-to-detail. o Experience in mentoring and/or coaching individuals, projects, or teams.
Preferred Qualifications:
Familiarity with audit process and frameworks such as SOC2 Type 2 and HITRUST.
Bachelor’s Degree with an emphasis in security, technology, or engineering.
Ability to influence and inspire others to adopt security best practices and policies.
Security industry certification desired.
This role is open to primarily remote work with the requirement to occasionally come into the corporate office in Mendota Heights, MN for team meetings.
What's In It For You:
We provide competitive benefits, unique incentive programs and rewards for our eligible employees:
Full Medical, Dental, and Vision benefits and an integrated Wellness Program.
401(k) Match Retirement Savings Plan.
Employee Stock Purchase Plan (ESPP).
Paid Time Off (PTO).
Holiday Pay & Floating Holidays.
Volunteer Time Off (VTO).
Educational Assistance Program (Tuition Reimbursement).
Full Paid Parental and Adoption Leave.
LifeWorks (Employee Assistance Program).
Patterson Perks Program.
EEO Statement As a people-first company, Patterson promotes a culture that embodies and celebrates diversity and inclusivity. We believe our employees’ unique experiences and differences is what strengthens us and drives our success. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status.
We are Patterson. We welcome you.
#J-18808-Ljbffr
One of the distinguishing marks of our company is the talented people who embrace the people-first, always advancing, and results-driven culture. Professional growth abounds in this motivating environment. We value the diverse talents and experiences our employees bring to Patterson and believe that they build a stronger and successful organization.
As the Security Lead – Risk & Compliance, you will play a crucial role in enhancing our organization’s security posture. Join our talented and dynamic Information Security team to lead key programs and initiatives, identifying, managing, and reporting on security and data protection risks affecting the availability, confidentiality, and integrity of Patterson’s information systems, data, and technology assets. This role involves designing, assessing, and supporting security and data protection controls and the associate security programs ensuring compliance with audit and regulatory requirements. Additionally, advocating for security solutions across Security, IT, and Business teams, with the opportunity to mentor and lead associate staff.
At Patterson Companies, we pride ourselves on our strong corporate values, longstanding history, and commitment to growth, all while fostering a respectful and supportive environment for our employees.
Responsibilities:
Lead the PCI-DSS compliance program, designing, implementing, and evaluating processes to validate and report on readiness.
Oversee the Third-Party Risk Management program to identify, report, and remediate security and data protection risks impacting technology assets and data throughout the supply chain.
Partner with various teams to lead assessments, report on remediation, and ensure organizational compliance with audit, regulatory, and compliance obligations.
Collaborate with cross-functional teams to ensure cohesive security strategies and implementations.
Identify, evaluate, and report on security and data protection risks, developing and implementing strategies to mitigate identified risks.
Assist in the implementation and management of the GRC compliance platform, ensuring risk oversight, workflow optimization, and alignment with governance standards. Ability to assist and support implementation and oversight of risk & compliance reporting and dashboards such as through Microsoft Security Compliance.
Lead targeted initiatives, actively collaborating with IT, business stakeholders, and external vendors to prioritize security risks, recommend mitigations or remediations, and implement security controls.
Execute and maintain risk methodologies, owning IT risk processes aligned to frameworks such as NIST-CSF and ISO27001, supporting regulatory and compliance requirements like PCI DSS, SOC2, and SOX. 2
Establish process workflows and lead the design, deployment, integration, and initial configuration of security solutions to enhance GRC processes.
Manage metrics and reporting for program components within the scope of the role.
Lead and mentor team members, providing direction to accomplish team objectives effectively.
Minimum Qualifications:
At least 4 years work experience in information technology, cyber security, audit, compliance, risk, or information security.
Excellent collaboration and communication skills with ability to communicate risk to a diverse stakeholder group.
Proficiency in regulatory requirements and compliance standards (e.g. PCI-DSS, HIPAA, GDPR).
In-depth knowledge of security risk management and compliance frameworks (e.g. NIST-CSF, COSO, ISO27001/2, CSA, etc.).
Highly organized with attention-to-detail. o Experience in mentoring and/or coaching individuals, projects, or teams.
Preferred Qualifications:
Familiarity with audit process and frameworks such as SOC2 Type 2 and HITRUST.
Bachelor’s Degree with an emphasis in security, technology, or engineering.
Ability to influence and inspire others to adopt security best practices and policies.
Security industry certification desired.
This role is open to primarily remote work with the requirement to occasionally come into the corporate office in Mendota Heights, MN for team meetings.
What's In It For You:
We provide competitive benefits, unique incentive programs and rewards for our eligible employees:
Full Medical, Dental, and Vision benefits and an integrated Wellness Program.
401(k) Match Retirement Savings Plan.
Employee Stock Purchase Plan (ESPP).
Paid Time Off (PTO).
Holiday Pay & Floating Holidays.
Volunteer Time Off (VTO).
Educational Assistance Program (Tuition Reimbursement).
Full Paid Parental and Adoption Leave.
LifeWorks (Employee Assistance Program).
Patterson Perks Program.
EEO Statement As a people-first company, Patterson promotes a culture that embodies and celebrates diversity and inclusivity. We believe our employees’ unique experiences and differences is what strengthens us and drives our success. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status.
We are Patterson. We welcome you.
#J-18808-Ljbffr