Kubota Tractor
Security & Privacy Compliance Manager (Kubota Credit Corporation)
Kubota Tractor, Grapevine, Texas, us, 76099
Overview
For Earth For Life. This position is majority located in office - Grapevine, Texas. Basic Purpose and Scope
The Manager, Security & Privacy Compliance is responsible for leading and advancing the cybersecurity, privacy, and governance, risk, and compliance (GRC) programs for Kubota Credit Corporation, U.S.A. (KCC), Kubota Tractor Acceptance Corporation (KTAC), and Kubota Insurance Corporation (KIC). This role ensures adherence to applicable federal and state regulations, industry standards, and internal policies to protect the confidentiality, integrity, and availability of the organization’s information assets. This position serves as a strategic advisor and operational leader, collaborating across departments to implement, monitor, and continuously improve security and privacy controls. The Manager will also drive awareness, training, and compliance initiatives while fostering a culture of security and risk management. Principal Activities
Maintain up-to-date knowledge of relevant cybersecurity, privacy, and compliance regulations (e.g., NYDFS, GLBA, CCPA, GDPR). Lead and manage a cross-functional team responsible for enterprise-wide cybersecurity, privacy, and GRC (governance, risk, and compliance) programs across KCC, KTAC, and KIC Develop, implement, and maintain security and privacy policies, standards, and procedures in collaboration with Legal, Compliance, and IT. Lead internal audits, risk assessments, and investigations related to information security and privacy incidents. Monitor security tools (e.g., SIEM, IDS/IPS) and analyze trends to identify threats and vulnerabilities. Coordinate and facilitate the Executive Security & Privacy Steering Committee and monthly Working Group meetings. Track and report on key performance indicators (KPIs) and metrics to measure program effectiveness. Provide subject matter expertise for system design reviews, and for vendor engagement, oversight, risk assessments, and contract negotiations. Partner with HR, Legal, and business units to ensure alignment of security and privacy initiatives with organizational goals. Oversee the organization’s record retention program. Promote awareness and training programs to enhance the security and privacy culture across the enterprise. Ensure compliance with frameworks such as CIS, NIST, ISO 27001, and other industry standards. Maintain confidentiality and demonstrate ethical conduct in all activities. Other duties as assigned by management. Minimum Qualifications
High School diploma required. Bachelor’s degree in Computer Science, Information Security, or related field strongly preferred. Minimum of 7 years of experience in information security, privacy, or compliance roles. At least 2 years of experience in a financial services or captive finance environment preferred.
Deep working knowledge of federal and state information security, cybersecurity and privacy laws, as well as customary contractual requirements. Strong understanding of information security principles, architecture and methodologies (including risk assessment and audit methodologies). Proven experience developing security, data privacy and information risk assessment programs. Experience with security frameworks (e.g., CIS, NIST CSF, ISO 27001). Language Requirements
Must be able to read, write, and communicate in English. Equipment Operation
Office equipment including computer, copier, phone, printer Physical Requirements
Typical office environment. Disclaimer
The information provided in the description has been designed to indicate the general nature and level of work performed by incumbents within the classification. This description is not intended to be a comprehensive inventory of all duties, responsibilities, qualifications and working conditions required of employees assigned to this job/classification. This job is intended to include the current essential functions of the job. Management reserves the right to add or modify the duties and responsibilities and to designate other functions as essential at any time. Kubota is an equal opportunity at will employer and does not discriminate against any employee or applicant for employment because of age, race, religion, color, disability, sex, sexual orientation or national origin.
#J-18808-Ljbffr
For Earth For Life. This position is majority located in office - Grapevine, Texas. Basic Purpose and Scope
The Manager, Security & Privacy Compliance is responsible for leading and advancing the cybersecurity, privacy, and governance, risk, and compliance (GRC) programs for Kubota Credit Corporation, U.S.A. (KCC), Kubota Tractor Acceptance Corporation (KTAC), and Kubota Insurance Corporation (KIC). This role ensures adherence to applicable federal and state regulations, industry standards, and internal policies to protect the confidentiality, integrity, and availability of the organization’s information assets. This position serves as a strategic advisor and operational leader, collaborating across departments to implement, monitor, and continuously improve security and privacy controls. The Manager will also drive awareness, training, and compliance initiatives while fostering a culture of security and risk management. Principal Activities
Maintain up-to-date knowledge of relevant cybersecurity, privacy, and compliance regulations (e.g., NYDFS, GLBA, CCPA, GDPR). Lead and manage a cross-functional team responsible for enterprise-wide cybersecurity, privacy, and GRC (governance, risk, and compliance) programs across KCC, KTAC, and KIC Develop, implement, and maintain security and privacy policies, standards, and procedures in collaboration with Legal, Compliance, and IT. Lead internal audits, risk assessments, and investigations related to information security and privacy incidents. Monitor security tools (e.g., SIEM, IDS/IPS) and analyze trends to identify threats and vulnerabilities. Coordinate and facilitate the Executive Security & Privacy Steering Committee and monthly Working Group meetings. Track and report on key performance indicators (KPIs) and metrics to measure program effectiveness. Provide subject matter expertise for system design reviews, and for vendor engagement, oversight, risk assessments, and contract negotiations. Partner with HR, Legal, and business units to ensure alignment of security and privacy initiatives with organizational goals. Oversee the organization’s record retention program. Promote awareness and training programs to enhance the security and privacy culture across the enterprise. Ensure compliance with frameworks such as CIS, NIST, ISO 27001, and other industry standards. Maintain confidentiality and demonstrate ethical conduct in all activities. Other duties as assigned by management. Minimum Qualifications
High School diploma required. Bachelor’s degree in Computer Science, Information Security, or related field strongly preferred. Minimum of 7 years of experience in information security, privacy, or compliance roles. At least 2 years of experience in a financial services or captive finance environment preferred.
Deep working knowledge of federal and state information security, cybersecurity and privacy laws, as well as customary contractual requirements. Strong understanding of information security principles, architecture and methodologies (including risk assessment and audit methodologies). Proven experience developing security, data privacy and information risk assessment programs. Experience with security frameworks (e.g., CIS, NIST CSF, ISO 27001). Language Requirements
Must be able to read, write, and communicate in English. Equipment Operation
Office equipment including computer, copier, phone, printer Physical Requirements
Typical office environment. Disclaimer
The information provided in the description has been designed to indicate the general nature and level of work performed by incumbents within the classification. This description is not intended to be a comprehensive inventory of all duties, responsibilities, qualifications and working conditions required of employees assigned to this job/classification. This job is intended to include the current essential functions of the job. Management reserves the right to add or modify the duties and responsibilities and to designate other functions as essential at any time. Kubota is an equal opportunity at will employer and does not discriminate against any employee or applicant for employment because of age, race, religion, color, disability, sex, sexual orientation or national origin.
#J-18808-Ljbffr