Every day at FedEx, over 600,000 team members, over 180,000 vehicles, and over 650 aircraft serve millions of people in 220+ countries and territories around the globe. Our work is more than the delivery of packages; we connect both our customers and our team members to solutions and possibilities. Join us in this effort and discover how we equip and empower our people to deliver exceptional experiences and outstanding service.
Job Description: The mission of the Information Security Department is to preserve the confidentiality, integrity and availability of FedEx’s information assets. The IT Compliance Team is a trusted advisor and advocate for all IT compliance related matters within the company. As an Information Security Analyst (Compliance) you will be tasked with challenging, highly visible projects and activities aimed at maturing the security and control posture of the organization and to comply with regulatory requirements such as SOX and PCI-DSS.
Key responsibilities: Governance
Support the IT organisation in maturing the IT control environment by driving the implementation of the IT Control Framework
Develop/maintain compliance program / process and provide regular guidance, communications and training on compliance and assistance with problem resolution and remediation to Compliance Champions and Process / Control Owners
Facilitate the development and maintenance of Information Security (IS) policies and standards based on knowledge of best practices and compliance requirements, support their annual review and provide entity wide IS guidance for any updates
Collaborate with the Enterprise Compliance Team, Finance and Internal Controls, IT business partners, Internal Audit, Legal, Information Security, External Auditors and other stakeholders in developing and maintaining policies and standards.
Perform IS Control, Compliance and Risk Assessment activities as required by management.
Work with Control Owners and Compliance Champions to facilitate and support testing of Sarbanes Oxley (404) and PCI controls, ensure accuracy of control description and help remediate any issues related to control deficiencies.
Work with internal and third-party teams, Internal and External Auditors on IS control descriptions and changes.
Communicate identified control deficiencies to management effectively, both verbally and in writing.
Evaluate the design and operational effectiveness of IS policies, standard, and procedures.
Interface with Global IT teams, Internal/External Audit and regulatory personnel in coordinating the gathering of requests to support the respective IS related audits.
Support and, where needed, perform IT Risk Assessments to ensure compliance with corporate security policies, regulatory requirements and adherence to best practices
The ideal candidate will have:
Bachelor's degree in Information Systems or Business Administration (Master’s degree a plus).
At least 6 years of governance, risk and compliance experience; Big 4 accounting or financial services preferred.
Expert knowledge of regulatory compliance initiatives related to Sarbanes Oxley and PCI-DSS
Technology audit skills including experience performing walkthroughs and testing of program change management; logical security and access controls; program development and computer operations.
Expert knowledge of 1 or more of the following compliance standards and frameworks: ISO, COBIT, PCI, ISO27001
Proficiency in the design and implementation of effective IT controls
Ability to create new processes to improve security and compliance with minimal oversight
Certifications: CISA, CSAM, CISM, CISSP, CGEIT, CRISC or similar
Detail oriented with strong and effective organisational, project and time management skills.
An excellent team player with the ability to work collaboratively, independently and on multiple projects simultaneously.
Effective influencer with a high standard of verbal and written communication skills.
Excellent Microsoft Office skills.
Fundamental understanding of secure software development lifecycle, cloud security and information privacy requirements.
Experience working with internal and external auditors.
What we offer:
FedEx offers employees a competitive benefits and reward package including a wide array of formal training and on the job learning opportunities.
FedEx is one of the most admired companies and trusted brands year after year
In joining FedEx, every team member commits to our Purple Promise — to make every FedEx experience outstanding—for the customer and for our fellow team members.
Being a part of FedEx means you are a part of a global network of solutions that only continues to strengthen its capability to deliver what our customers need anytime, anywhere.
Additional Information Posting Date: 25-July-2022
Closing Date: 31-August-2022
Accuracy & Attention to Detail;Analytical Skills;Problem Solving Skills;Judgement & Decision Making Skills;Presentation Skills;
Education: Bachelor: Computer and Information Science
Bachelor: Business Administration/Management
Language: English: Comprehension
Certification: Certified Information Security Manager (CISM) CIT
Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
FedEx was built on a philosophy that puts people first, one we take seriously. We are an equal opportunity employer and we are committed to a diverse and inclusive workforce in which we provide growth opportunities for all
FedEx Express is one of the world's largest express transportation companies and has consistently been selected as one of the top 10 World’s Most Admired Companies by "Fortune" magazine. Every day FedEx delivers for its customers with transportation and business solutions, serving more than 220 countries and territories around the globe. We can serve this global network due to our outstanding team of FedEx team members, who are tasked with making every FedEx experience outstanding.
The People-Service-Profit philosophy (P-S-P) describes the principles that govern every FedEx decision, policy or activity. FedEx takes care of our people; they, in turn, deliver the impeccable service demanded by our customers, who reward us with the profitability necessary to secure our future. The essential element in making the People-Service-Profit philosophy such a positive force for the company is where we close the circle, and return these profits back into the business, and invest back in our people. Our success in the industry is attributed to our people. Through our P-S-P philosophy, we have a work environment that encourages team members to be innovative in delivering the highest possible quality of service to our customers. We care for their well-being, and value their contributions to the company.
Our culture is important for many reasons, and we intentionally bring it to life through our behaviors, actions and activities in every part of the world. The FedEx culture and values have been a cornerstone of our success and growth since we began in the early 1970’s. While other companies can copy our systems, infrastructure and processes, our culture makes us unique and is often a differentiating factor as we compete and grow in today’s global marketplace.