IT Security Risk and Compliance Analyst

About us

PHINIA: Advancing sustainability today, powering carbon-free tomorrow.

At PHINIA, we create premium fuel systems, electrical systems, and aftermarket parts for internal combustion engine (ICE) vehicles and industrial applications. We make sure our products are clean, efficient, and high value because we know the actions that we take today will have a profound impact on the world tomorrow. Our goal? The cleanest ICE technology: carbon-free combustion.

Always, PHINIA puts quality first, continuing our legacy with over a century of rich expertise and technological innovation. The name PHINIA has roots related to “bright” and “future,” representing our confidence and commitment to bettering the world.

Our Culture

We believe the health and safety of our employees are a top priority, we care about our local communities and the global environment. PHINIA promotes and nurtures a diverse and inclusive environment, honors integrity, strives for excellence, commits to responsibility for our communities and the environment, and builds on the power of collaboration.

Career Opportunities

We believe in building a brighter tomorrow for our employees as well as our customers and encourage you to learn about our long history, strong culture, new technologies, and future vision. We offer a strong local presence and interesting global opportunities. Join us on this shared journey toward a brighter tomorrow.

Job purpose

This position is responsible for implementing and maintaining IT Security Compliance programs globally. Responsibilities include monitoring our Information Technology operations and procedures to comply with legal regulations and internal policies, evaluating Third Party Information Security controls and maturity, researching, and recommending the policies, controls and procedures for security monitoring and compliance to security frameworks.

The successful candidate will be an excellent communicator, with in-depth knowledge of the latest industry procedures and regulations.

Key Responsibilities

POLICIES AND PROCEDURES

• Create, review, update and implement the company’s Information Technology policies.
• Assist in the development and implementation of compliance related processes and/or procedures as it pertains to IT.

AUDITS AND COMPLIANCE PROGRAMS

• Providing direct support to IT and representing IT Security on internal and external audit teams where IT inquiry is required.
• Facilitate execution of required testing and auditing activities for the IT Department by internal and external parties leading to successful audits of the company on an ongoing basis
• Support the business on 3rd party compliance programs such as TISAX, HIPAA or Customers Cybersecurity assessments.
• Represent IT Security and partner with HR and Legal teams to identify and manage privacy, data protection risks, and compliance requirements to help meet stakeholder expectations.

RISK MANAGEMENT

• Implement IT Security compliance projects/programs, and especially evaluate Third Party solutions and contracts for Information Security controls and maturity. Partner with management, business teams, Vendors and/or other IT teams to develop, test or implement risk management strategies and solutions.
• Research and recommend remediating controls, and identify performance gaps compared to industry best practice to help gain stakeholder buy-in
• Leverage former experience and industry-knowledge -network to bring external perspective into the play and apply best-practices.
• Prepare and deliver meaningful operational security risk metrics to IT and Business leadership.

TISAX

HIPPA

IT Policies

GDPR

NIST/ISO27001

Security Architecture

What we’re looking for

Education and Experience

• Preferred: A four-year degree in Information Technology with an emphasis on information security.
• Required: Bachelor’s degree in computer information systems, IT Audit, or related field.
• 5 years Information Technology experience, 3-4 years of experience in Information Security Risk Management or IT Auditing
• Working knowledge of common information security management frameworks, regulatory requirements, and applicable standards such as: ISO 27001, NIST CSF, SOX, TISAX, etc

Core competencies

• Strong knowledge in Microsoft Office Application (Word, Excel and PowerPoint)
• Knowledge of Information Systems security architecture, security policies, procedures, and best practices.
• Knowledge of information protection methodologies and concepts, such as identification and authentication, access control, inception and audit trails
• Strong Written and Oral English Communication Skills
• Strong interpersonal communication and coordination skills and the ability to communicate effectively with a wide range of employees, leaders at various levels, and other customers.
• Ability to deliver outcomes in a global, matrix organization with diverse stakeholders and priorities.
• Ability and desire to solve complex issues.
• Customer focus

What we offer

· We provide compensation and benefits programs intended to attract, motivate, reward, and retain a highly talented, globally diverse workforce at all levels within our organization. Our compensation programs are informed by market data and business needs, and we are committed to providing equitable and competitive compensation. We are committed to providing our team with quality and competitive benefit programs, including health and well-being resources, family-centric policies, and an agile workplace program, where not precluded by collective bargaining agreements or national statutory plans. Plans are benchmarked for competitiveness and value.

· We provide formal development opportunities at all levels and stages of employee careers. These opportunities are delivered in a variety of formats to make our portfolio of solutions agile, sustainable, and scalable to support our employees in developing the skills needed to succeed.

What we believe

· Product Leadership - Innovation that brings value to our customers

· Humility - Seeking out diverse perspectives and working collaboratively

· Inclusivity - Recognizing our differences makes us stronger; we are bold and intentional

· Net-Zero - Committed to energy efficiency, waste reduction, and beneficial reuse

· Integrity - Taking responsibility for our decisions and doing what is right

· Accountability - Taking ownership of our actions and driving results

Safety

You will consistently hear us say Safety First We are committed to continually improving our strong safety performance to ensure that our employees go home as safe and as healthy as when they came in, or even better

We also believe that health and safety is everyone’s responsibility, as such, PHINIA employees will know and comply with all applicable safety policies, standards, and procedures. Work is expected to be conducted in a manner that stresses the importance of preventing incidents and illnesses, including attending all required safety meetings and trainings. The hazards of each task shall be assessed, and the risk shall be managed accordingly. It is expected that all incidents, near misses, and unsafe conditions are immediately reported to the direct manager, Human Resources, or Safety Representative.

Equal Employment Opportunity

PHINIA is an equal employment opportunity employer such that all qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity/expression, national origin, disability or protected veteran status.

No Unauthorized Referrals from Recruiters & Vendors

Please note that PHINIA does not seek or accept unsolicited resumes or offers from third-party recruiters or staffing agencies associated with any published or unpublished employment opportunities. Any unsolicited information sent to PHINIA will be considered as unencumbered and free from any fee or charge whatsoever. Only members of our Human Resources Team have the authority to engage or authorize recruiting services, which must be agreed upon before the unsolicited resume or offer is received.

Advancing sustainability today, powering carbon-free tomorrow. Join us on this shared journey to a brighter tomorrow. For more information about PHINIA, please visit

#LI-Hybrid