Summary
The IT Compliance Specialist serves as the primary point of contact between Brembo Americas and Corporate Compliance. They perform or oversee the local assessments and audits that ensure Brembo’s locations are compliant with corporate standards, industry requirements, and governmental regulations pertaining to data security, ensuring the safety and security of information.
The IT Compliance Specialist designs, develops and executes regional tests and programs to assess compliance with related policies, procedures and applicable laws and regulations.
Duties include monitoring business operations and reporting infractions, reviewing company policies for possible risks and liabilities and researching legal requirements for new initiatives.
Responsibilities
- Lead the preparation of Brembo Information Security audits.
- Monitor and report on compliance policies, as well as the enforcement of policies across Brembo.
- Evaluate compliance with stakeholder requirements, including response to requirement specifications.
- Evaluate and update new and existing policies and procedures to ensure operating efficiency and regulatory compliance.
- Develop a strong working relationship with the Applications, Infrastructure, Architecture and other IT teams to develop and implement controls and configurations aligned with policies and legal, regulatory and audit requirements
- Lead the design and operation of compliance monitoring and improvement activities to ensure compliance with internal security policies etc. and applicable laws and regulations, including supervision and execution of business and IT ISO 27001 certification and maintenance.
- Manage and implement activities related to Corporate, Internal IT and Customer Audits, to include:
  - Corporate Audits – Internal FoF, ISO 27001, TISAX, Cybersecurity Assessment
  - Internal IT Audits – for all IT Functional Areas (Infrastructure, Operations, Applications, Shop Floor)
  - Customer Audits – IATF 16949, Q1 (Quality), Customer Audits (Ford, GM…), Cybersecurity Assessments
- Create, publish and maintain IT group documentation in relation to Information Security guidelines for Governance and Audit functions.
- Ensure maintenance and application of Brembo Corporate and Regional Standards, Policies, Standard Operating Procedures, Templates and Directives, including regional requirements as required. Maintain region and site documentation for same.
- Evaluate, select and manage VRM with Consulting vendors in support of compliance regulations
- Develop and provision Information Security and compliance training as required
- Provide subject matter expertise to the business in the area of Information Security and Compliance
- Lead the development of information security policies, procedures and standards in line with Brembo HQ guidelines, business needs and regulatory requirements.
- Interface with technical personnel and other teams as required
Background, Experience and Qualifications
- Degree or equivalent qualification in IT or IS compliance or a related technical discipline, or relevant experience.
- 3-4 years of related work experience in an IT compliance-related role.
- Understanding of the Data Protection Act (1998) and other data/information privacy and security regulations.
- Thorough understanding of compliance and risk management in a regulated environment.
- An understanding of international IT security standards such as ISO 27001 and TISAX
- An understanding of privacy standards such as GDPR
- Good understanding of higher education IT and information environment, preferably in security, compliance/audit or infrastructure.
- Assertiveness, flexibility, ability to work in a team, intercultural competence and willingness to travel
- Excellent knowledge of English in speaking and writing
- Ability to communicate complex messages in a clear, concise manner to all audiences
- Excellent collaboration skills and able to work in a team environment
- Able to work quickly and effectively under pressure and to efficiently deal with multiple priorities simultaneously