• Engages with Cox business leaders to ensure understanding and support of security compliance strategy, priorities, and initiatives
• Coordinates effective roadmap development and governance for global initiatives related to security awareness, policy development, client and vendor compliance, and overall process improvement
• Establish, maintain and communicate CAI security policies. Partner with cross-divisional counterparts to ensure alignment, where appropriate, across all Cox divisions.
• Develop and implement a robust internal control framework aligned with industry best practices (e.g., COSO framework). Design control activities to address identified risks and ensure effective monitoring of key processes.
• Serve as the liaison with External Auditors, Internal Audit, on all significant Compliance issues involving supported function/business/product and oversee implementation of related remediation.
• Manage all contractual security requirements requested by external parties and ensure that compliance obligations are understood, and requirements are documented. Prepare and present compliance reports to the engineering leaders and executive team
• Provide oversight and guidance over the assessment of broad complex issues, structure potential solutions, and drive effective resolution with other senior stakeholders.
• Advise the businesses on an ongoing basis on new function/business/product initiatives, new products, business acquisitions, and client-related matters with respect to the applicability of policies, resolution of potential red flags, or other client/transaction-related compliance escalations.
• Manage a variety of compliance requirements including external attestations, regulatory requirements, interacting with clients, legal, stakeholders, and outside counsel as appropriate.
• Lead security requirements in obtaining and maintaining breach insurance coordinating with a variety of internal teams as well as our insurance brokers both domestically and internationally.

Minimum Qualifications

• Bachelor’s degree in business, law, or a related field. At least 12 years of experience in compliance, risk management, or related areas, with a minimum of 7 years in a senior leadership role; The right candidate could also have a different combination such as a Master’s degree in business, law or related field and 10 years of experience or a PhD and 7 years experience. Master’s degree preferred.
• Ensures that the team's purpose and importance are defined, clarified, and understood. Guides the team in setting specific and measurable short- and long-term goals. Builds others' sense of task ownership and self-confidence by helping them generate ideas, make decisions, obtain resources, and overcome barriers.
• Proactively builds, nurtures, and maintains business-focused, long-term working relationships with partners inside and outside of the organization. Demonstrates flexibility when forming and adjusting partnerships to achieve broader goals. Shows willingness to work across boundaries to achieve outcomes addressing business, customer, and partner goals and expectations. Demonstrated strong executive presence and communication skills.
• Direct oversight of managing external attestations such as SOC1/SOC2 Reports, as well as managing compliance with GLBA, PCI DSS, GDPR
• Direct experience managing and redlining contractual security requirements and interacting with legal.
• Direct experience with managing international compliance requirements in Europe
• Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views. Strong presentation and relationship management skills are essential
• Articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style. Candidates must have effective persuasion skills, the ability to work effectively at the highest levels of the organization, and will display highly effective networking and influencing skills

​

Preferred Qualifications

• Ability to make strategic decisions, supervise complex programs, manage and educate highly skilled professionals, and influence other departments relating to security risk and control.
• Solid, pragmatic business acumen with a proven record of creatively solving problems and offering solutions.
• Consultative nature to work through controversial or complex topics to employees, leaders, and/or senior leadership.
• Ability to manage multiple complex projects while meeting all deadlines and manage leaders of teams to achieve optimal results.
• Develop strong and productive working environment with key stakeholders and collaborate closely with other Cox entities’ security teams to implement security best practices.
• Relevant industry certification: CISSP, CEH, OSCP, Azure, AWS, CISM, CISA, etc.

To be employed in this role, you’ll need to clear a pre-employment drug test. Cox Automotive does not currently administer a pre-employment drug test for marijuana for this position. However, we are a drug-free workplace, so the possession, use or being under the influence of drugs illegal under federal or state law during work hours, on company property, and/or in company vehicles is prohibited.

​

The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.