Data Security & Privacy Compliance Advisor

Job ID
Experience (Years)

Company Overview

Canon U.S.A., Inc., is a leading provider of consumer, business-to-business, and industrial digital imaging solutions to the United States and to Latin America and the Caribbean markets. With approximately $29 billion in global revenue, its parent company, Canon Inc. (NYSE:CAJ), ranks third overall in U.S. patents granted in 2016† and is one of Fortune Magazine's World's Most Admired Companies in 2016. Canon U.S.A. is committed to the highest level of customer satisfaction and loyalty, providing 100 percent U.S.-based consumer service and support for all of the products it distributes. Canon U.S.A. is dedicated to its Kyosei philosophy of social and environmental responsibility. In 2014, the Canon Americas Headquarters secured LEED® Gold certification, a recognition for the design, construction, operations and maintenance of high-performance green buildings. To keep apprised of the latest news from Canon U.S.A., sign up for the Company's RSS news feed by visiting and follow us on Twitter @CanonUSA. For media inquiries, please contact

† Based on weekly patent counts issued by United States Patent and Trademark Office.

All referenced product names, and other marks, are trademarks of their respective owners.
We are an EEO/AA employer. Minority/Female/Individuals with Disabilities/Protected Veterans. 

Position Overview

Canon U.S.A., Inc. is currently seeking a Data Security Compliance Advisor (Advisor, Data Sec/Prvcy Cmp) to join its Data Security & Privacy Team at its Melville, NY Headquarters.


- Work in a high-visibility role in the Data Security & Privacy Office, a cross-functional department responsible for establishing and administering information governance policy and IT risk management at Canon U.S.A. and affiliated companies
- Serve as an information security subject matter expert for various business units enterprise-wide including Procurement, Legal Administration, and other business units on an as-needed basis, with a specific focus on providing subject matter consultation to the Legal Division for written agreements and other documents
- Working with the Data Security & Privacy Manager and Chief Information Security Office (“CISO”) to maintain and update information security and privacy governance (i.e., policies, procedures, etc.) through an iterative, committee-based, process involving leaders in Information Technology, Legal, Audit and Privacy
- Assist in the management of the vendor information security risk assessment program. This includes performing vendor information security due diligence and reviewing Security Questionnaire responses and other reports pertaining to vendor security service levels (including SOC 1-3 reports, penetration and vulnerability testing results ports, etc.)
- Provide consultative compliance advice regarding information security, IT risk best practices, and corporate security service level objectives to business leaders and stakeholders
- Contribute to our enterprise risk management program, identifying security risk priorities and documenting vendor risk scores based on criticality, likelihood of occurrence, and information sensitivity


- Experience with IT and cloud vendor security risk assessment and analysis
- Strong information security, information systems and/or IT audit background with hands-on experience in at least one of the following:  identity & access management, perimeter security/defense, event management/response, intrusion detection/prevention systems, and vulnerability and penetration testing
- Must have and understanding of risk management principles and the ability to balance big picture objectives with various risk factors including financial, regulatory, and strategic risk
- Experience with Vendor Risk Assessment tools and/or Governance, Risk Management, and Compliance (“GRC”) platforms
- Strong communication and relationship building skills to work with stakeholders and leaders throughout Americas-wide
- CISM, CISSP, CISA or other relevant industry Information Security certification highly desired
- 5+ years of practical information security experience required
- Bachelor's degree in Computer Science or Information Systems a plus
Other commonly used titles/keywords: Cyber, Cybersecurity, Info Sec, Information Security, Privacy, Compliance, ISO
If you are not reviewing this job posting on our Careers’ site, we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed