Job Description

Donaldson is committed to solving the world's most complex filtration challenges. Employing innovation and breakthrough solutions, we are advancing filtration for a cleaner world. We look for the best people to help us succeed, offering opportunities to learn, effect change, and make meaningful contributions at work and in our communities. This is a place where you can make a world of difference.

Follow Us on LinkedIn:

Responsibilities:

Supports global initiatives related to IT and Information Security governance, risk and compliance through the following:

• Performing assessments related to IT/Information Security policies, regulatory requirements, internal risk and standards (NIST 800-171 (CMMC), PCI DSS, Chinese regulations (MLPS/CLS), CLS, SOX, data localization, and internal and external audits and assessments)
• Coordinating with global cross-functional teams on the day-to-day operational activities needed to support the Security Governance Risk and Compliance program including analyzing internal and external IT risks and related processes and tracking remediation solutions including any mitigating/compensating controls for deficiencies or policy exceptions
• Performing information security reviews of new and existing vendors, suppliers, partners, and clients
• Creating, modifying, and reviewing IT/Security policies, standards, and processes
• Creating, distributing, and tracking information security risk assessments
• Drafting and presenting reports and metrics to IT, Security, and business management

Qualification:

• Bachelor's degree in IT, Accounting, Finance, Business, or related field

Technical Competence & Skills

• Minimum 2-4 years of professional level IT and information security experience, including experience related to IT controls, data protection, risk management and technology compliance.
• Understands day-to-day IT and business processes
• Knowledgeable about current software and hardware risks, controls and procedures
• Familiarity with some of the following: SOX 404, PCI DSS, NIST 800-171, ISO 27001, MLPS, Oracle security, IT policies and procedures
• Knowledge of applicable industry rules (ISO27001, NIST, COSO, CoBIT) and expertise in Information Security best practices
• Knowledge of IT Risk Management principles, tools, and procedures.
• IT Audit/Consulting experience is a plus
• Experience interacting with Governance Risk and Compliance (GRC) platforms such as ServiceNow, Archer, or equivalent is a plus

Others (% of travel, language, etc.):

• Excellent verbal and written communication skills in English & Mandarin.

Come make a World of Difference!

Employment opportunities for positions in the United States may require use of information which is subject to the export control regulations of the United States. Hiring decisions for such positions are required by law to be made in compliance with these regulations. Applicants for employment opportunities in other countries must be able to meet the comparable export control requirements of that country and of the United States.

Our policy is to provide equal employment opportunities to all qualified persons without regard to race, gender, color, disability, national origin, age, religion, union affiliation, sexual orientation, veteran status, citizenship, gender identity and/or expression, or other status protected by law.