fairlife, LLC is a Chicago-based dairy company that creates great-tasting, nutrition-rich and value-added products to nourish consumers.
With more than $1B in annual retail sales, fairlife’s growing portfolio of delicious, lactose-free, real dairy products includes: fairlife® ultra-filtered milk; Core Power® High Protein Shakes, a sports nutrition drink to support post-workout recovery; fairlife® nutrition plan™, a nutrition shake to support the journey to better health.
A wholly owned subsidiary of The Coca-Cola company, fairlife, LLC has been recognized by both Fast Company and Nielsen for its industry leading innovation.
The company is driven by its values of caring for people, the animals that supply us with milk, and the planet. By providing nourishing products, implementing stringent care standards for animals, and stewarding efficient operations and responsible packaging, fairlife, LLC puts a focus each day on making a positive impact for all.
To learn more about fairlife and its complete line of products, please visit fairlife.com.
job purpose:
The Senior Manager, Cybersecurity & Compliance will be responsible for developing and driving a comprehensive cybersecurity strategy & compliance program at fairlife. This individual will have a broad technical understanding of IT security, governance policies, and data related compliance with the ability to assess, report, and recommend solutions to ensure the secure and sustainable growth of fairlife’s IT infrastructure, applications, and data.
responsibilities:
- Be a subject matter expert in the IT Cybersecurity and risk domain to ensure fairlife has a robust and effective cybersecurity strategy and prioritized tactical roadmap
- Define security standards and policies for IT infrastructure and networks, applications, identity management, and data protection that achieves cybersecurity goals
- Establish and enhance risk management and assessment practices, security operations capabilities, and compliance policies that deliver or improve on over-all cybersecurity posture
- Define and develop methods and metrics to monitor cybersecurity compliance, risk levels, target thresholds, and report results
- Identify key information security risks and collaborate with business stakeholders and IT partners to design appropriate mitigating controls and governance policies
- Define, prioritize, and manage a portfolio of security projects that achieve cybersecurity strategic objectives
- Drive the development and deployment of cybersecurity training and awareness programs for business users and IT technical teams.
- Act as a liaison between fairlife and our Coca-Cola Cybersecurity teams and ensure alignment of strategy and policies
- Oversee and drive remediation of issues identified in security assessments, access control reviews, internal/external audits and other assessments (e.g. NIST)
- Identify, develop, manage, and review external cybersecurity partners and MSP relationships and agreements that fill in gaps in capabilities or resource capacity.
- Establish and maintain cybersecurity related compliance processes, policies, and reviews for 3rd Party/Vendor Management
- Act as point of escalation and prioritization regarding cybersecurity concerns from the business, ensuring business impacts are identified and discussed
skills/qualifications required:
- Bachelor's Degree in Information Technology, Cybersecurity, Information Systems, or a related field required
- 7-9+ years combined experience in cybersecurity and compliance field with 2+ years in a related leadership role
- Demonstrated knowledge of IT security architecture, risk framework principles, and supporting security technologies and concepts including but not limited to; endpoint protection, network access control, data loss protection, application security controls, public cloud security, and identity management.
- Expert in Cybersecurity policy creation, data security, assessing risk, and building mitigating controls
- Relevant combination of Cybersecurity certifications preferred (CISSP, CISM, CIPM/FIP, CDPSE)
- Experience with IT security frameworks such as NIST and ISO standards
- Clear understanding of critical system security concepts, identity management practices, segregation of duties (SOD), and zero-trust security strategies
- Demonstrated knowledge of applicable data privacy practices and laws in the United States
- Ability to effectively and concisely communicate complex technical solutions in business terms and benefits
- Mentor, coach, and transfer expertise to others as needed to provide skills training, improve coverage, and career development opportunities to team members
- Experience negotiating and managing service provider contracts
- CPG or beverage manufacturing industry experience a plus
position location: Coopersville, MI, Chicago, IL, or Goodyear, AZ
reports to: VP, IT
travel requirements: 10%
exempt/nonexempt: exempt
fairlife, LLC is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All qualified applicants and employees will be given equal opportunity. Selection decisions are based on job-related factors.
In addition to its nondiscrimination commitment, the Company will also provide reasonable accommodation of qualified individuals with known disabilities unless doing so would impose an undue hardship on the Company. If you have a disability and would like to request accommodation in order to apply for a position with us, please email careers@fairlife.com.
