Security Client and Vendor Compliance Lead
Company: Cox Automotive
Location: Scottdale
Posted on: November 4, 2025
Job Description:
The Security Client and Vendor Compliance Lead will manage compliance and oversight accountabilities for third party service providers (vendors). This leader will implement and manage boarding/due diligence required for third party service providers and ensure operating effectiveness over time. Oversee internal and external security audits, ensuring remediation plans for identified issues are executed effectively, as well as monitor emerging regulations and compliance trends to maintain up-to-date practices. Coordinate with regulatory bodies, auditors, and other stakeholders on security risk-related matters. This role will drive a culture of continuous improvement for security compliance practices, benchmark the organization's compliance performance against industry peers, and foster innovation in security compliance to address emerging threats.

Key Responsibilities:
- Engages with Cox business leaders to ensure understanding and support of security compliance strategy, priorities and initiatives.
- Collaborates with the team on effective roadmap development and governance for global initiatives related to security awareness, policy development, client and vendor compliance and overall process improvement.
- Establish, maintain and communicate CAI security policies related to third party service providers.
- Partner with cross-divisional counterparts to ensure alignment, where appropriate, across all Cox divisions.
- Serve as the liaison with External Auditors and Internal Audit on all significant Compliance issues involving third party service providers.
- Manage all contractual security requirements for third party service providers and present compliance reports to the leadership and executive team.
- Provide oversight and guidance over the assessment of broad complex issues, structure potential solutions and drive effective resolution with other senior stakeholders.

Minimum Qualifications:
- Bachelor's degree in a related discipline and 6 years' experience in a related field. The right candidate could also have a different combination, such as a master's degree and 4 years' experience; a Ph.D. and 1 year of experience; or 18 years' experience in a related field.
- Proactively builds, nurtures and maintains business-focused, long-term working relationships with partners inside and outside of the organization. Demonstrates flexibility when forming and adjusting partnerships to achieve broader goals. Shows willingness to work across boundaries to achieve outcomes addressing business, customer and partner goals and expectations.
- Demonstrated strong executive presence and communication skills.
- Direct oversight of managing external attestations such as SOC1/SOC2 Reports, as well as managing compliance with GLBA, PCI DSS, GDPR.
- Direct experience managing and redlining contractual security requirements and interacting with legal.
- Direct experience with managing international compliance requirements in Europe.
- Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
- Strong presentation and relationship management skills are essential.
- Articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style.
- Candidates must have effective persuasion skills, the ability to work effectively at the highest levels of the organization, and will display highly effective networking and influencing skills.
- Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship. No OPT, CPT, STEM/OPT or visa sponsorship now or in future.

Preferred Qualifications:
- Ability to make strategic decisions, supervise complex programs, manage and educate highly skilled professionals, and influence other departments relating to security risk and control.
- Solid, pragmatic business acumen with a proven record of creatively solving problems and offering solutions.
- Consultative nature to work through controversial or complex topics with employees, leaders, and/or senior leadership.
- Ability to manage multiple complex projects while meeting all deadlines and manage leaders of teams to achieve optimal results.
- Develop strong and productive working environment with key stakeholders and collaborate closely with other Cox entities' security teams to implement security best practices.
- Relevant industry certification: CISSP, CEH, OSCP, Azure, AWS, CISM, CISA, etc.

Salary: USD 108,800.00 - 181,400.00 per year

Compensation:
Compensation includes a base salary of $108,800.00 - $181,400.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.

Benefits:
The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.
Keywords: Cox Automotive, Atlanta, Security Client and Vendor Compliance Lead, IT / Software / Systems, Scottdale, Georgia