TerraCycle’s mission is to Eliminate the idea of Waste®.
Operating in over 21 countries across the Americas, Europe and Asia Pacific, TerraCycle is a global innovator in green business. It partners with many of the world’s largest consumer product companies and retailers to create collection and recycling solutions for hundreds of traditionally non-recyclable waste streams. By working with companies, retailers, governments and consumers, TerraCycle is able to collect and solve for just about every waste stream, from snack wrappers and contact lenses to ocean plastics and cigarette butts, all waste streams that otherwise end up in landfills, oceans, or incinerators. TerraCycle has received hundreds of awards globally and has been highlighted in some of the world's most recognized media outlets, including CNN, Wall St. Journal, Reuters.com New York Times, Forbes and thousands of others.
In May 2019, TerraCycle launched its newest initiative, Loop, a global circular shopping system that enables brands, retailers and consumers to transition from single-use disposable materials to reusable, durable packaging, washed by Loop and refilled by the brands. Loop has engaged many of the world's largest consumer product companies (including P&G, Nestlé, Unilever, PepsiCo, Coca-Cola, and Mondelez) and many of the world’s largest retailers in this platform. Loop is currently available in the mid-Atlantic and Northeastern U.S, and the greater Paris region in France, with plans to expand into several new markets including Canada, Japan, the UK and Germany in 2021.
About the position:
This position aims to further enhance TerraCycle’s ability to continuously improve data security, the protection of PII, and to put us on track to ISO 27001 compliance. IT security ownership is currently distributed between the different IT functions. The Director of IT Security position aims to centralize this.
The role itself will be two-fold in the beginning:
There is a project element, meaning the person coming into the role will have to do an assessment of TerraCycle’s currently existing standards and create a plan to improve our current state. This plan will include recommending improvements in system setup, creating policies agreeing on a timeline with functional leaders for delivery of system changes and supporting documentation.
The other element will be the continuous advisory to all functional leaders and the enforcement of security principles. The Director of IT Security will report directly to the CIO.
- Assess current state of the business as it relates to information security (IS).
- Create an IS framework (global IS policies, standards) that aims to assure ISO compliance
- Create a forward looking IS program to implement the framework taking into account findings and their complexity for resolution.
- Coordinate with leaders in IT and other functions to implement the IS framework.
- Implement an IS Training Plan and have it inserted into the onboarding process and other training cycles in cooperation with our people operations (HR).
- Coordinate with cross-functional Operations and Technology teams to improve risk oversight
- Ensure non-compliant items are addressed through coordination with Business Manager and business staff
- Provide guidance on IS aspects of projects in support of business initiatives
- Help manage project deadlines, deliverables, planning, budgeting and policy formulation for the teams, that will be involved in the security hardening
- Ensure ‘security practices and standards’ compliance to reduce the likelihood of audit, regulatory and legal liabilities and reduce security risks by enhancing controls and minimizing weaknesses in TerraCycle’s applications portfolio
- Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding TerraCycle’s, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.
- Attend and participate in internal/external IS forums/events when necessary and provide IS updates to the business
- Ensure stakeholders are held accountable for IS controls, and understand responsibilities in risk mitigation and remediation
- Continuously improve processes, remove IS deficiencies and enhance current tools that reduce an overall risk profile
- 6-8 years of relevant experience
- Bsc degree in Information Security/Computer Science/Electrical, Mechanical Engineering /Information Technology or related field.
- At least one Industry related certification such as Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), or Certified Information Systems Security Professional (CISSP) is highly desired
- Experience in implementing or enforcing ISO 27001 standards and 27002 controls
- Hands-on project management experience.
- Demonstrated ability to interpret and apply information security policies, standards and procedures
- Demonstrated ability to perform IS risk assessments
- Consistently demonstrates clear and concise written and verbal communication
- Proven influencing and relationship management skills, especially with Senior management
- Strong collaborative and communication skills required.
- Should be highly dependable team player with ongoing commitment to excellence
- Effective community leadership skills with the ability to empower other teams, with knowledge sharing, documentation, timeliness and proactive planning.
- Competitive salary
- Modern and cozy, eco-conscious office in a central location
- Conference support, In-house training, Training contribution
- Great team spirit & supportive environment
- Beverages, Coffee & Fruit-day
Job description is not all-inclusive. TerraCycle reserves the right to amend this job description at any time. TerraCycle is an Equal Opportunity Employer, committed to a diverse and inclusive work environment. All applicants must already have the eligibility to work in Hungary.
TerraCycle is committed to Diversity, Equality and Inclusion.