Director - Information Security Governance

SC JOHNSON IS A FIFTH-GENERATION FAMILY COMPANY BUILT ON THE SPIRIT OF OUR PEOPLE. We have been leading with purpose for over 130 years, building iconic brands that win the hearts and minds of consumers – such as Raid®, Glade®, Ziploc® and more, in virtually every country around the world. Together, we are creating a better future – for the planet, for future generations and for every SCJ team member. Join our winning team of Wave Makers and Go Getters and help us write the next chapter in the SCJ story.

S.C. Johnson & Son, Inc. has established a Global Information Security (GIS) Governance function within its Legal Department to support the direction set by the Security Governance Council (SGC). This function leverages security expertise, business process knowledge, and risk management in collaboration with the Global Information Security and Global Physical Security teams. The Director of GIS Governance is responsible for leading the development and refresh of SCJ’s information security strategy and policies, ensuring alignment with company objectives while balancing information security and business needs.

The Director of GIS Governance works closely with the SGC to categorize and manage the company's strategic, reputational, operational, financial, and compliance risk tolerances. This role involves establishing the context and direction for SCJ's risk tolerances, overseeing data governance, security assurance, compliance, internal investigations, and potential conflicts of interest. The Director interacts with all levels of personnel, including senior leaders, to build partnerships, strategically influence others, and drive results. This role also involves collaborating with business functional heads to develop effective and sustainable information security models and strategic plans to mitigate information security risks.

**This role is located in Racine, WI

KEY RESPONSIBILITIES

• Collaborates with SGC and stakeholders to develop and align an enterprise-wide information security strategy balancing security goals and business needs.
• Develops, implements, communicates, and maintains global information security policies, addressing core security control gaps and supporting the information security strategy.
• Identifies and addresses material gaps in the information security program concerning potential conflicts of interest and provides direction to avoid such gaps.
• Oversight of the enterprise risk management function, data governance, security assurance, compliance, internal investigations, and business continuity for Information Security.
• Develops and manages an enterprise Data Governance program to achieve acceptable risk levels and advises on governance principles and risk management frameworks.
• Establishes and oversees an Insider Threat Program to manage potential incidents and investigations in coordination with HR, Global Physical Security, Global Information Security, and Legal functions.
• Oversees staff in electronic evidence collection, and delivery for litigation, including digital forensics and investigations to support HR, Legal, other stakeholders, ensuring proper chain of custody.
• Develops a model for security assurance monitoring and reporting to maintain compliance with information security strategy and policies.
• Manages the GIS Governance budget, sets goals and objectives, and oversees the development and execution of the roadmap.
• Partner with Legal to support the SCJ global privacy program by helping enable the implementation and management of security controls that align with applicable data protection laws and regulatory requirements.

REQUIRED EXPERIENCE YOU’LL BRING

• Bachelor's degree in Information Technology, Computer Science, or a related field
• 10+ years of experience in information security, with a deep understanding of principles, practices, and technologies
• 10+ years of experience in strategic planning and aligning information security strategies with business objectives
• 5+ years of supervisory/management experience in IT and Information Security, including strategic plan development and budget management.

PREFERRED EXPERIENCES AND SKILLS

• Senior-level expertise in information security: Including frameworks, threat management, security operations, architecture, access control, and incident management.
• Knowledge of NIST and ISO 27001 standards: Important for ensuring compliance with international information security management systems.
• Strong understanding of Enterprise Risk Management concepts and frameworks: (e.g., COSO) to manage information security risk from a business perspective.
• Extensive experience leading IT and Information Security functions: Negotiating and managing relationships and influencing corporate adoption of security concepts.
• Experience with Generative AI: Demonstrated experience in implementing and managing AI technologies within information security programs.
• Knowledge of AI-driven threat detection, incident response, and data governance tools.
• Proven ability to manage people across multiple roles and functions: With strong leadership and motivational skills.
• Exceptional organizational and interpersonal skills: With the ability to work effectively with diverse teams, senior executives, and business partners.
• Superior written, presentation, and verbal communication skills: To explain complex security concepts to non-technical and business audiences.
• Awareness of regulatory trends in the fast-moving consumer products and manufacturing industry: Affecting information security and data governance.

JOB REQUIREMENTS

• Full-time onsite in Racine, WI
• Remote work is available once per week for eligible employees.
• This role is not eligible for relocation

Inclusion & Diversity

We’re a global business, with people from every culture, ethnicity, race, religion, gender identity, sexual orientation, age and ability. We recognize the breadth of human experience, and we work to celebrate it. It is our goal to build a diverse, inclusive and supportive work environment where all people can thrive.

We’re committed to ongoing efforts that help us attract, hire, and retain diverse talent who want to build a positive, inclusive environment. Read more about our ongoing initiatives at https://jobs.scjohnson.com/inclusion.

Better Together

At SC Johnson, we strive to create a positive, inclusive and unique workplace. We strongly believe SCJ people are able to achieve their best when they can collaborate and work together in person.

Equal Opportunity Employer

The policy of the Company is to ensure equal opportunity for all qualified applicants and employees without regard to race, color, religion, gender, marital status, sexual orientation, national origin, ancestry, age, gender identity, gender expression, disability, citizenship, pregnancy, veteran status, membership in any active or reserve component of the U.S. or state military forces, genetic history or information or any other category protected by law.

Accommodation Requests

If you are an individual with a disability and you need an accommodation or other assistance during the application process, please call our Human Resources department at 262-260-3343 or email your request to SCJHR@scj.com. All qualified applicants are encouraged to apply. Download the EEO is the Law poster for more information.