IT Security Manager- GRC
IT Security Manager- GRC
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
its whats inside that counts
*Onsite 5days a week*
Theres more to CMC than our products and the buildings structures and roads they go into. At CMC its the people inside our recycling centers fabrication plants manufacturing facilities steel mills and offices that make us who we are as a company. Our success comes from finding retaining and supporting the highest quality talent by offering:
- Day 1 Benefits Coverage with low cost Medical Vision Dental
- Day 1 Paidtime Off and Vacation
- 4.5 Company Match 401(k) plan
- $500 Annual Companypaid Lifestyle Benefit
- Competitive Compensation and Bonuses
- Companypaid Life and Disability Insurance
- Employee Stock Purchase Plan
- Training and Advancement Opportunities
Why This Job
CMC is a leading manufacturer committed to excellence and innovation. We prioritize safeguarding our digital assets and ensuring the highest standards of IT security governance. As part of our ongoing commitment to maintaining a secure digital environment we are seeking a talented individual to join our team as IT Security Manager GRC.
The Manager of IT Security Governance Risk and Compliance will play a crucial role in developing implementing and maintaining robust IT security governance frameworks and practices within our organization. This position requires a deep understanding of IT security principles regulations and best practices as well as strong analytical and communication skills to effectively collaborate with various stakeholders include Internal/External Auditors and IT Product leads. This role requires extensive experience in internal audits SOX auditing NIST CSF 2.0 SOC 2 report review controls design thirdparty vendor reviews and GRC tools.
CMC provides an excellent opportunity to learn the steel construction reinforcement and ground stabilization industries and to grow in your career. Whether you will spend your day brainstorming in an office cubicle operating a crane running manufacturing equipment or troubleshooting technical obstacles at CMC youll get the training and support from your team that you need to excel in your role and reach your full potential.
What Youll Do
- Internal Audits: Conduct and oversee internal IT security audits to ensure compliance with organizational policies and regulatory requirements
- SOX Auditing: Manage and execute SOX (SarbanesOxley) compliance audits ensuring adherence to financial and IT controls. Act as IT interface and coordinator to Internal and External Auditors
- NIST CSF 2.0: Implement and maintain the NIST Cybersecurity Framework (CSF) 2.0 to enhance the organizations security posture
- SOC 2 Report Review: Review and assess SOC 2 reports to ensure thirdparty service providers meet security and compliance standards
- Controls Design: Design implement and monitor security controls to protect sensitive information and systems
- ThirdParty Vendor Reviews: Conduct thorough security assessments of thirdparty vendors to mitigate risks associated with external partnerships
- GRC Tools: Utilize GRC tools to streamline and automate governance risk management and compliance processes
- Team Collaboration: Work closely with crossfunctional teams including IT legal finance and operations to ensure cohesive and comprehensive security strategies.
- Foster a collaborative environment to share knowledge best practices and support team members in achieving common goals
- Provide guidance and support to IT teams in implementing security controls and mitigating risks in their respective areas
- Monitor and report on compliance with IT security policies standards and regulations to senior management and relevant stakeholders
- Foster a culture of security awareness and compliance across the organization through training awareness programs and regular communication
What Youll Need
- Minimum of 5 years of experience in IT security with a focus on GRC
- Previous people management skills highly preferred
- Indepth knowledge of internal audits SOX auditing NIST CSF 2.0 SOC 2 and controls design
- Strong understanding of IT security principles standards and frameworks (e.g. ISO 27001 NIST Cybersecurity Framework GDPR)
- Experience with GRC tools such as Workiva RSA Archer MetricStream or similar
- Excellent analytical and problemsolving skills
- Demonstrated ability to work collaboratively in a crossfunctional team environment
- Excellent communication and interpersonal skills
Your Education
- Bachelors or Masters degree in Computer Science Information Systems or other related field; or equivalent relevant experience
We are CMC a Fortune500 company at the leading edge of our industry. Our construction reinforcement and steel products have supported construction projects and structures around the world. The secret to our success Weve built our legacy by assembling a team of innovators and doers to tackle some of the most challenging construction reinforcement problems facing our world for more than 100 years and were just getting started.
If youre ready to join a team working to make our industry more sustainable support the bridges roadways buildings and infrastructure that connects our communities and do meaningful work youre ready to joinCMC. Apply today and start moving your career and our world forward. Lets build a better world!
CMC is committed to providing equal employment opportunities (EEO) to all employees and applicants for employment without regard to race color religion sex age physical or mental disability national origin citizenship military or veteran status sexual orientation gender identity and/or expression genetic information or other status protected by federal state or local law.
Required Experience:
Manager
Employment Type
Full Time
