Manager, Second Line GRC

How you'll help us Keep Climbing (overview & key responsibilities)
Join Delta IT on our journey to becoming the best IT organization in the airline industry.

Delta IT is on a journey of transformation. We are changing the way we do business from top to bottom. As thought leaders within Delta, we strive to create meaningful and innovative solutions and are looking for team members to help us realize our vision.

Delta IT employees are thinkers, doers, innovators.

We are proactive.

We are collaborative.

We deliver impact to our customers.

Join us on our transformation journey in becoming a world-class IT organization at the world's best airline

YOUR RESPONSIBILITIES IN THIS ROLE:

As a manager, Second Line GRC, you will be responsible for overseeing the Second Line GRC team within the Information Technology area that is focused on monitoring, tracking and reporting risk within the Delta organization. This role will partner with other teams throughout the Delta organization to identify, assess, track, report and validate risks and the implementation of controls throughout the organization. The Manager will balance their time between technical thought-leadership, hands-on solution collaboration, and talent development.

This role provides technical guidance and mentoring to the team to achieve high-quality results. The ideal candidate will have excellent organizational, communication, and management skills, along with an ability to lead training sessions and workshops for staff members.

\t* Develop, maintain, and support an IT Risk management program to include risk identification, measurement/prioritization, mitigation, and reporting (in partnership with the Governance Manager).
\t* Oversee development and implementation of high-level control architectures, including preventive, detective, and corrective controls.
\t* Apply assessment data of identified threats in risk decision making.
\t* Knowledge of industry indicators useful for identifying technology trends. Assess and communicate the potential risk of these trends to Delta.

Recommend controls to mitigate the risk.
\t* Through a close partnership with the Threat Intelligence team, maintain knowledge of current and emerging threats, translate threats to potential risk, and identify possible risk mitigation strategies.
\t* Acquire and maintain a working knowledge of relevant laws, regulations, policies, standards, and compliance obligations.
\t* Advise senior leadership of changes affecting Delta’s risk posture.
\t* Assure successful implementation of Information Security requirements and controls.
\t* Lead Information Security assessment process, blending industry best practices with Delta’s culture and risk posture.
\t* Collaborate and partner with other risk organizations at Delta. Align IT Risk’s approach with Delta’s risk tolerance/risk management approach where possible.
\t* Leverage industry best practices for evaluating, implementing, and disseminating Information Security internal assessments, monitoring, detecting, and remediation.
\t* Represent the GRC team on internal committees related to key risk areas (like vulnerability management).
\t* Create auditable evidence of security measures.
\t* Develop risk mitigation strategies to resolve vulnerabilities and recommend security changes as needed.
\t* Develop specific countermeasures and risk mitigation strategies.
\t* Provide guidelines for performance of, and conduct, a risk analysis whenever an application undergoes a major change.
\t* Tackle "big" problems, provide options, and drive resolution.
\t* Provide consulting/thought leadership for Information Security, IT, and the business.
\t* Work as a member of the broader GRC, IT and Delta teams. Do what’s right for Delta.
\t* Ensure up to date process and procedure documentation for the team.
\t* Identify process improvement/automation opportunities and innovate new ways of doing things.
\t* Communicate, and deliver, the value of Information Security throughout all of Delta.
\t* Lead with integrity and a positive attitude.
\t* Provide leadership and oversight to a high performing team of Delta Information Security professionals to ensure the confidentiality, integrity, and availability of information.
\t* Meet with staff on a timely basis to conduct performance evaluations and provide feedback.

Provide ongoing coaching, mentoring, and training to develop and encourage employee performance and development.
\t* Develop strategic and operational plans for the work group, manage execution, drive improvements, and measure results.
\t* Define metrics to accurately convey risk, team performance and measure against goals.
\t* Drive awareness and knowledge of security.
\t* Perform special projects as assigned, while effectively manage time with competing priorities.
\t* Build highly motivated and result-oriented team.

What you need to succeed (minimum qualifications)
*
Develop, maintain, and support an IT Risk management program to include risk identification, measurement/prioritization, mitigation, and reporting (in partnership with the Governance Manager).\t* Oversee development and implementation of high-level control architectures, including preventive, detective, and corrective controls.
\t* Apply assessment data of identified threats in risk decision making.
\t* Knowledge of industry indicators useful for identifying technology trends.
\t* Assess and communicate the potential risk of these trends to Delta.
\t* Recommend controls to mitigate the risk.
\t* Through a close partnership with the Threat Intelligence team, maintain knowledge of current and emerging threats, translate threats to potential risk, and identify possible risk mitigation strategies.
\t* Acquire and maintain a working knowledge of relevant laws, regulations, policies, standards, and compliance obligations.
\t* Advise senior leadership of changes affecting Delta’s risk posture.
\t* Assure successful implementation of Information Security requirements and controls
\t* Lead Information Security assessment process, blending industry best practices with Delta’s culture and risk posture.
\t* Collaborate and partner with other risk organizations at Delta.

\t* Align IT Risk’s approach with Delta’s risk tolerance/risk management approach where possible.
\t* Leverage industry best practices for evaluating, implementing, and disseminating Information Security internal assessments, monitoring, detecting, and remediation.
\t* Represent the GRC team on internal committees related to key risk areas (like vulnerability management).
\t* Create auditable evidence of security measures.
\t* Develop risk mitigation strategies to resolve vulnerabilities and recommend security changes as needed.
\t* Develop specific countermeasures and risk mitigation strategies.
\t* Provide guidelines for performance of, and conduct, a risk analysis whenever an application undergoes a major change.
\t* Tackle "big" problems, provide options, and drive resolution.
\t* Provide consulting/thought leadership for Information Security, IT, and the business.
\t* Work as a member of the broader GRC, IT and Delta teams.
\t* Do what’s right for Delta.
\t* Ensure up to date process and procedure documentation for the team.
\t* Identify process improvement/automation opportunities and innovate new ways of doing things.
\t* Communicate, and deliver, the value of Information Security throughout all of Delta.
\t* Lead with integrity and a positive attitude.
\t* Provide leadership and oversight to a high performing team of Delta Information Security professionals to ensure the confidentiality, integrity, and availability of information.
\t* Meet with staff on a timely basis to conduct performance evaluations and provide feedback.
\t* Provide ongoing coaching, mentoring, and training to develop and encourage employee performance and development.
\t* Develop strategic and operational plans for the work group, manage execution, drive improvements, and measure results.
\t* Define metrics to accurately convey risk, team performance and measure against goals.
\t* Drive awareness and knowledge of security.
\t* Perform special projects as assigned, while effectively manage time with competing priorities.

\t*
Consistently prioritizes safety and security of self, others, and personal data.

\t*
Embraces diverse people, thinking, and styles.
\t*
Possesses a high school diploma, GED, or high school equivalency.
\t*
Is at least 18 years of age and has authorization to work in the United States.

What will give you a competitive edge (preferred qualifications)
* B.S.

degree in Computer Science, Computer Engineering, Information Assurance, a related field, or equivalent experience.
\t* Professional certifications such as CISSP, CISM, OSCP and CEH
\t* Experience with RSA Archer or equivalent GRC tool.
\t* Experience delivering high quality results using Agile methodology

Benefits and Perks to Help You Keep Climbing
WHY YOU’LL LOVE DELTA

\tOur culture is rooted in a shared dedication to living our values - Care, Integrity, Resilience, Servant Leadership, and Teamwork - every day, in everything we do. At Delta, our people are our success. At the heart of what we offer is our focus on Sharing Success with Delta employees.

Exploring a career at Delta gives you a chance to see the world while earning great compensation and benefits to help you keep climbing along the way:

\t* Competitive salary, industry-leading profit sharing program, and performance incentives
\t* 401(k) with generous company contributions up to 9%
\t* Paid time off including vacation, holidays, paid personal time, maternity and parental leave
\t* Comprehensive health benefits including medical, dental, vision, short/long term disability and life benefits
\t* Family care assistance through fertility support, surrogacy and adoption assistance, lactation support, subsidized back-up care, and programs that help with loved ones in all stages
\t* Holistic Wellbeing programs to support physical, emotional, social, and financial health, including access to an employee assistance program offering support for you and anyone in your household, free financial coaching, and extensive resources supporting mental health
\t* Domestic and International space-available flight privileges for employees and eligible family members
\t* Career development programs to achieve your long-term career goals
\t* World-wide partnerships to engage in community service and innovative goals created to focus on sustainability and reducing our carbon footprint
\t* Business Resource Groups created to connect employees with common interests to promote inclusion, provide perspective and help implement strategies
\t* Recognition rewards and awards through the platform Unstoppable Together
\t* Access to over 500 discounts, specialty savings and voluntary benefits through Deltaperks such as car and hotel rentals and auto, home, and pet insurance, legal services, and childcare