Principal Risk & Compliance Advisor

Cox Automotive | Atlanta GA 30301 USA | Full Time | Posted: 07/07/2020

Job Description

The Principal Risk & Compliance Advisor is responsible for defining, assessing and managing agreed-upon baseline security controls, aligning with business and regulatory requirements to ensure adherence to acceptable industry standards. Performs various compliance advisory responsibilities for Enterprise Services and Third-Party Management to support BUs, including, but not limited to, compliance risk assessments (due diligence) on existing and potential third-party relationships, identification of compliance risks associated with the third party’s service(s), and providing compliance advice and responsibilities on risks and controls. The Principal Compliance Advisor is responsible for delivering quality results, providing compliance advice to lines of business, and making recommendations to achieve compliance and mitigate risk. This Principal Associate will engage with and support various LOBs and many associates at different levels in the company.

  • Develop and maintain information security policies, standards and procedural documents.
  • Coordinate and manage annual updates, reviews, approvals, and publishing/distribution of security documentation to team members as appropriate.
  • Provides direction and guidance on security solutions based on risk reduction.
  • Independently owns and manages information security risk and compliance initiatives like PCI compliance, GRC implementation, cloud security framework implementation, etc.
  • Coordinates and undertakes risk assessments of third parties, internal business units, projects and processes.
  • Facilitates a compliance self-certification process and annual scope reconfirmation. 
  • Manages risk and assessment compliance reports monthly.
  • Progresses reporting and escalation to stakeholders as appropriate.
  • Coordinates resolution of assessment action points & remediation.
  • Apply GRC principles and frameworks for risk reduction and mitigation.
  • Coordinates creation and maintenance/updates of assessment questionnaires. 
  • Undertakes and maintains access reviews for critical systems and other similar processes.
  • Develop and maintain metrics and reporting to demonstrate awareness goal achievement.
  • Drive and support Disaster Recovery & Business Continuity Program Management.
  • Manages compliance impact and requirements for technology general control compliance.
  • Manages changes to the compliance requirements and in-scope systems on an on-going basis, ensuring that new requirements are translated into new operating procedures.
  • Owns and maintains the master list of outstanding assessment actions incorporating it into the risk register.
  • Collaborates and provides business units with recommendations to reduce business risks within their areas.
  • Builds effective relationships with key stakeholders.
  • Review and provide guidance on contractual language within legal agreements.
  • Supports the development of security awareness documentation, marketing materials, and training solutions that are engaging and easy to understand.
  • Drive and support security awareness activities across CAI.


  • BA/BS Degree, preferably formal studies in Computer Science or Information Systems or equivalent 
  • 10+ years’ hands-on experience in IT Security, Risk and/or Compliance or equivalent
  • Strong background in web-based applications, infrastructure, and architecture
  • Proven experience in reducing and managing security risk in information systems.
  • More than one security certification like CISSP, CISM, CISA, CTPRM, Cloud
  • Strong MS office skills with Excel and Access
  • Ability to work in a fast-paced and dynamic environment
  • Ability to work in a team and independently to fix issues with little or no supervision
  • Excellent organizational, project management and follow-up skills
  • Ability to build effective working relationships at all levels of the organization
  • Excellent communication skills
  • Other duties as needed or required
  • Requires physical ability and mental acuity to execute the duties of the position successfully within required timeframes to meet business requirements.

Who We Are

About Cox Automotive

There’s nothing ordinary about Cox Automotive. We are people of every background driven by our passion for mobility, innovation, client success and community outreach. We make buying, selling and owning (or simply using) cars easier for everyone. Touching more than 40,000 clients across five continents, we bring together the best brands and the best teams to propel the automotive industry forward. Some of those team members work for our iconic consumer brands like Autotrader and Kelley Blue Book, while others are creating the future of automotive at industry-facing brands like Manheim and vAuto.


About Cox 

We are the Cox family of businesses. We’ve been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us.  Our primary divisions – Cox Communications and Cox Automotive – are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators.  We’re also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation.  We’re looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you’ll be going with us, and the common purpose that unites us at   

Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.

Statement to ALL Third-Party Agencies and Similar Organizations:  Cox accepts resumes only from agencies with which we formally engage their services.   Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.

Job Details

Location Atlanta, GA, 30301, United States
Categories Unspecified

Contact Information

Contact Name -
How to apply Employer provided a link where your application will be accepted. Click on the link below and follow instructions.
Apply Click Here (apply to job)
Job Code 8442_204684