Industrial Security Lead developing and scaling OpenAI's security programs across Washington, DC and San Francisco. Ensuring compliance with U.S. government regulations and operational security standards.
About the role
- Cybersecurity GRC Program Manager at EnerSys, leading cybersecurity compliance efforts. Collaborating with internal teams and auditors in a hybrid work environment.
Responsibilities
- Provide GRC guidance and interpretation of rules, regulations, risks, and best practices.
- Execute cybersecurity risk assessment and control attestation processes, including ongoing and annual assessments.
- Collaborate with Internal and External Auditors on security assessments and audits.
- Review control effectiveness evidence, collect, review, and upload evidence for compliance purposes.
- Document emerging and residual risk, assist in risk analysis and evaluation, and identify potential areas of risk.
- Engage with internal teams and consultants to ensure adherence to processes and troubleshoot, identify, analyze, and mitigate risks in existing processes, policies, and procedures.
- Lead the information security compliance program, ensuring compliance with regulations, and develop and implement effective policies and practices to secure sensitive data.
- Communicate operational metrics and trend analysis for IT Leadership, and collaborate with cross-functional teams to align GRC efforts with business objectives.
- Stay up to date on regulatory developments and industry trends.
- Expected to travel up to 10% each year.
Requirements
- A degree in a technical field (Computer Science, Information Systems, or Cybersecurity) is preferred but not required.
- 5+ years of experience in Information Technology and client/customer management.
- Strong understanding of cybersecurity principles, risk management frameworks, and compliance standards (e.g., CMMC, EU CRA, NIS2, TISAX, Essential Eight, IEC 62443, NIST CSF&RMF, ISO 27001).
- Experience working with internal and external auditors.
- Excellent communication and interpersonal skills: Oral, written and listening.
- Strong analytical and problem-solving abilities.
- Ability to work independently and collaboratively in a cross-functional environment.
- Relevant IT certification (e.g., CISSP, CISM, CISA, CRISC) other relevant certifications are preferred.
Benefits
- Hybrid Work Schedule Monday & Friday: Work from home
- Tuesday, Wednesday, Thursday: Onsite at the Reading, PA office
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Information Security Analyst delivering expert assessment services to external organizations in cybersecurity. Evaluating client environments and developing strategic solutions for IT resilience and maturity.
Senior Application Analyst supporting and enhancing systems for the Safety, Environmental, Security, and O&M functions at Black & Veatch. Collaborating with business stakeholders for effective system performance and management.
Cybersecurity Technician at EnerSys safeguarding information system assets and ensuring compliance with cybersecurity frameworks. Involves monitoring threats and deploying security solutions.
Offensive Security Engineer performing penetration testing and AI security evaluations in a global, flexible team environment. Requires extensive experience and knowledge of SaaS and AI security.
Chargé(e) de mission sécurité at Bel ensuring safety regulations compliance and workplace risk assessments. Collaborating with teams to promote safety and manage safety documentation.
Cyber Security IT Intern at Crystal Dynamics contributing to AAA game development projects. Gain hands - on experience and develop industry - relevant skills in IT and Cyber Security.
Cloud Platform Security Governance specialist defining cloud governance frameworks at Deutsche Börse Group. Ensuring compliance and managing risks in cloud security and infrastructure.
Director of Cybersecurity responsible for assessing risks and implementing security solutions at Financeit. Collaborating with various teams to protect information in Canada and the US.
Senior Information Security Engineer handling cybersecurity incidents for Wells Fargo. Leading technical investigations and providing security consulting on medium projects for internal clients.