Louisville, USA
38 days ago
Information Governance, Risk and Compliance Manager

What’s Unique About You Is What Makes Us Better! Diversity is our strength and competitive advantage. Bring your flavor to the Papa John's team today!

Job Summary

As the Information GRC Manager, you will be a critical part of the Papa Johns global information security team. We are looking for a thought leader in information governance, risk, and compliance to join us and expand our overall security program! As a highly visible and key member of the team, you’ll be responsible for the strategic and technical implementation that drives our data governance, audit, and vendor risk management efforts. You will ensure that our data practices conform to all legal and regulatory privacy and security requirements, and that all stakeholders understand and comply with requirements. The ideal candidate will not only have strong leadership in data governance, risk and compliance but will also have the technical aptitude and creativity to implement training solutions, configure systems to label/classify data and set up data loss prevention technologies. This role will work closely with internal and external auditors to ensure we maintain our compliance certifications (e.g., PCI, NIST, GLBA) and can effectively communicate and implement actionable strategies. If you are a proactive self-starter and looking for a role that will allow you to roll up your sleeves and implement meaningful change, this could be the perfect fit!

Role Responsibilities

• This role will be responsible for leading and implementing tasks for global governance projects to ensure complete and accurate data inventories and establish and enforce retention policies and schedules.

• You will configure multiple systems to label, classify and establish compliance policies for sensitive and unstructured data at rest.

• You will configure and monitor data loss and establish exfiltration policies.

• Define, create, and implement data governance policies, standards, and procedures that address data, security, access, and usage.

• You will inventory unstructured data and develop data retention standards for all electronic and paper-based data. This will include leading multiple project activities cross functionally to ensure data is destroyed and deleted appropriately.

• The successful candidate will serve as a subject matter expert in the development, implementation and management of our current data governance framework and collaborate closely with various teams, reporting overall project plans and accomplished action items to the executive committee each month.

• Develop data governance training through newsletters, videos and in-person training.

Internal and External Audits

• You will be the main point of contact for all internal and external security compliance audits (PCI, NIST, GLBA, etc). You will provide evidence of compliance to auditors and ensure cross functional teams are meeting requirements prior to onsite audits.

• You will be extremely well versed in PCI for cloud-based solutions and can effectively communicate how the internal security teams, development teams and infrastructure technologies and processes meet compliance.

• Able to pull evidence from multiple tools including but not limited to logs, Active Directory, endpoint detection systems, and cloud-based configurations.

• Proactively stay informed of the latest legal, compliance and regulatory changes that impact the organization and assess for compliance with the continuously evolving requirements.

Third-party Vendor Management

• Evaluate and provide continuous monitoring for new and current third-party vendors ensuring minimum thresholds are maintained for security.

• Perform ad-hoc security metrics on vendor compliance as needed to support department needs.

• Work effectively with teammates and earn credibility from stakeholders by establishing and maintaining strong working relationships with business partners.

• Foster relationships with senior management, across a range of functions including Internal Audit, Legal and Technology.

Other

• Assist the VP of Information Security and Compliance with reporting, metrics, and policy development as needed.

Everybody loves pizza, which means they also love the people who are behind the scenes working to deliver it. This is complex and challenging work – but let’s face it – it’s also pizza! If you want a fulfilling career with a company that’s always moving forward, we’re the right place.

Papa John's is a Federal Contract employer who participates in E-Verify to confirm employment eligibility for each new team member. Papa John's is an Affirmative Action and Equal Opportunity Employer.
