What Makes Honda The Best?
Are you an innovator? Honda’s core values are what make our company unique.
• Dreams: The Power of Dreams mentality drives our team to create intelligent products that enhance mobility and increase the joy in people’s lives.
• Joy and Passion: The joy we experience at Honda is fueled by our dreams and passion.
• Challenging Spirit: Honda’s challenging spirit pushes us to set and reach ambitious goals. Honda is voluntarily reducing 50% of carbon dioxide emissions in our products by 2050 and developing technology to reduce the number of collisions to zero by 2040.
• Respect for the individual: This core value pushes our associates to contribute at the highest level and work effectively on a team.
If your goals and values are at the same speed as Honda’s, we want you to join our team!
About this Position:
The Honda North America (HNA) GRC (Governance, Risk & Compliance) analyst role is to tactically oversee and ensure that Governance, Risk, and Compliance requirements are adhered to across the North America region. The HNA GRC analyst will coordinate and validate Governance, Risk, and Compliance activities (e.g., pre-checks, self-assessments, remediation, gap tracking, remediation recommendations, policy and standard interpretation, risk management assistance, general support, and projects surrounding all things GRC) across all North America companies. The HNA GRC analyst will accomplish daily roles and responsibilities by working directly with other team members, project managers, business partners, and other strategic/tactical internal/external groups, with one goal: to strengthen Honda's GRC capabilities across the North America region.
Execute compliance pre-checks across multiple disciplines including SOX General Computing Controls (GCCs), and IT Automated Controls (ITACs).
Evaluate the level of compliance related to data privacy and policy compliance initiatives, including tracking of existing gaps, remediation progress of gaps, and obtaining and reporting on overall status regularly for the initiative.
Support risk assessments for third-party vendors to identify and mitigate risk landscape by reviewing statements of work, SOC-1/SOC-2/SSAE-18 reports, and vendor provided certification reports, and open dialog with external groups (procurement, legal, and vendor).
Support additional on-going risk management activities within the organization, which may include supporting the risk exception process, risk committee, and risk tracking activities with the support of team members.
Engage in ongoing communication with peers in the Information Security Office groups and other external teams.
What You Need to be Successful in the Role:
Maintain up-to-date knowledge of PCAOB requirements to audit standards
Maintain up-to-date knowledge of COBIT, NIST 800-53 and ISO 27000 frameworks.
Ability to work with and across all levels of the organization and navigate organizational boundaries.
IT compliance control monitoring skills to ensure compliance risks are managed appropriately.
Excellent organizational, interpersonal, and communication skills with strong written, verbal, and presentation skills; both delivery and creation of presentations (must be able to distill complex topics into simple concepts).
Ability to effectively communicate with technical and executive audiences and develop and maintain strong peer/client/customer relationships underpinned by a service oriented approach to work.
Adept with time management, tasks, project prioritization, and multi-tasking.
High degree of initiative, attention to detail and follow-up skills.
Ability to deliver on commitments, is dependable with the ability to work with little supervision.
Demonstrated problem-solving skills and capabilities to drive process improvements.
Highly proficient with GRC tools, Microsoft Office Suite especially Excel, PowerPoint, and SharePoint.
Ability to translate understanding of the organization's goals and objectives into compliance requirements.
Strong ability to conduct research into IT GRC issues and products as required.
Excellent written and verbal communication skills.
Excellent interpersonal skills.
Ability to present ideas and security risks in business friendly and user-friendly language.
Team oriented and skilled in working within a collaborative environment.
Required Work Experience:
Minimum of 5 years of experience as an information security and/or GRC practitioner, preferably in the financial, consulting, and/or global organization field.
Bachelor's degree in Information Systems or equivalent work experience.
Preferred professional certifications:
A Few Other Important Details:
Approx. 0-5 hours of overtime per week may be required.
5% domestic travel may be required.
We care about our associates and their wellbeing. We offer a wide range of benefits including:
• Competitive total compensation
• 401k Plan with company contributions
• Flexible and valuable insurance plans
• Relocation assistance (if eligible)
• Onsite automobile service center and wellness center
• Development to further your career
• Discount on Honda products
• Paid time off and paid holidays