At Bloom Energy our vision for a world powered by clean reliable and affordable energy is more than just a dreamwere making it reality.

For over two decades weve been at the forefront of the global energy transition pioneering solutions that empower critical industries to thrive in a rapidly digitizing energy-intensive world. From revolutionizing power for AI-driven data centers to ensuring resilience for hospitals electric grids manufacturing facilities and utilities our solid oxide fuel cell (SOFC) and solid oxide electrolyzer (SOEC) technologies are redefining whats possible by delivering energy abundance for all. With more than 30000 fuel cell modules deployed worldwide we are the trusted partner for Fortune 100 companies and innovators alike. Our cutting-edge solutions enable unparalleled time-to-power capabilities reliability and sustainability ensuring our customers remain ahead in a world where soaring energy demand and intensifying energy scarcity are rapidly becoming the new norm.

At Bloom we thrive on collaboration bold thinking and relentless innovation. We believe that together we can create a brighter more sustainable future while tackling the most pressing challenges of the 21st century.

We are looking for a Senior Manager GRC to join our team in one of todays most exciting technologies. This role will report to our Chief Security Officer and based in San Jose CA. This is a fully on-site in office role 5 days a week.

The Senior Manager GRC (Governance Risk and Compliance)will lead the strategy implementation and effective management of Bloom Energys GRC framework. The ideal candidate will be focusing on aligning security policies/procedures with business goals managing enterprise level cyber security risks in a central risk register ensuring compliance with laws/standards (like ISO 27001 CIS GDPR PCI-DSS). They will oversee assessments reporting to leadership and building/mentoring GRC teams. The ideal candidate should possess a positive attitude be someone who embraces change excels cross-functional collaboration is organized desires to automate and has a solid background in IT security and compliance driving risk-based decisions and maintaining regulatory adherence through policies controls and training.

Key Responsibilities

• Governance:Develop and maintain security policies procedures frameworks and standards ensuring alignment with business objectives. Drive enterprise-wide security training program.

• Risk Management:Oversee enterprise cyber security risk assessments identify vulnerabilities implement mitigation strategies and manage third-party risk. Maintain central risk register. Collaborate with central enterprise risk management function. Support sales by timely filling out security questionnaires.

• Compliance:Ensure adherence to internal policies industry standards (e.g. ISO 27001 CIS NIST CSF) and external regulations (e.g. GDPR CCPA NERC-CIP SOX). Primary liaison with external auditors for security compliance.

• Leadership:Lead and mentor the GRC team foster a culture of compliance and drive strategic GRC initiatives.

• Stakeholder Management:Collaborate with IT legal enterprise risk management engineering and business leaders; act as a liaison with auditors and regulators; and provide executive reporting.

• Reporting & Metrics:Establish metrics to track policy and compliance adherence and provide senior management with risk insights and compliance status on regular basis.

Key Skills & Qualifications

• Strong background in IT Security Risk Management and Compliance.

• Expertise in relevant laws regulations and frameworks such as ISO27001 NIST CSF CIS.

• Drive several security programs leading to compliance

  Security & vulnerability management

  Change management

  Logging environments

  Periodic review of Active Directory Group Policy and Access Management

  Automated evidence collection

• Excellent leadership communication and stakeholder management.

• Strategic thinking and problem-solving abilities.

• Experience with GRC tools policies standards procedures is required.

• Ability to function as a self-directed team leader organizing work and meeting deadlines.

• Identify effectiveness & efficiency improvement initiatives and work toward completing these goals.

• High standards for consistency & quality within personal and team performance.

• Ability to work flexible hours to collaborate with global team.

• Ability and desire to obtain industry relevant compliance knowledge/certifications.

Required Education and Experience

Bachelors degree preferred 12 years of relevant industry experience with 7 years in Compliance Familiarity with various compliance standards including ISO27001 GDPR CIS NIST CSF

Bloom Energy is an equal opportunity employer and makes employment decisions on the basis of merit. We are committed to compliance with all applicable laws providing equal employment opportunities. All qualified applicants will receive consideration for employment without regard to race sex color religion national origin protected veteran status or on the basis of disability. Bloom Energy makes reasonable accommodations consistent with applicable laws for the known physical or mental

limitations of an otherwise qualified applicant or employee with a disability who can perform the essential job functions unless undue hardship would result.

At Bloom Energy we are committed to supporting the well-being of our employees and their families. Our comprehensive benefits package for eligible employees includes competitive Medical Dental and Vision plans with a large employer contribution a 401(k) Retirement Plan with company match generous Mental Health Support services Legal services virtual Physical Therapy access and Fertility & Family Forming benefits.

Bloom Energy is committed to fair and equitable compensation practices.

FULL TIME ROLE ONLY: The total compensation for this position includes standard company benefits and is based on various factors including but not limited to relevant skills and experience.

#LI-JM

Salary Ranges: