Principal Information Security Officer

MGR II INFORMATION SECURITY

At TE, you will unleash your potential working with people from diverse backgrounds and industries to create a safer, sustainable and more connected world. 

Job Overview

Develops and evaluates compliance with programs and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements. Conducts information security risk assessments, security compliance audits and cybersecurity audits. Establishes IT security audit procedures relevant to SOX, HIPAA, PCI DSS and international data privacy laws. Evaluates and tests the design and operating effectiveness of IT security controls. Maintains compliance of internal IT security controls by meeting internal and external information security requirements. Documents, investigates and reports cybersecurity compliance issues and incidents. Works with business leaders to ensure information security risk findings are reviewed and solutions are implemented.

KEY RESPONSBILITIES:

Responsible for updating and maintaining global IT policies, procedures and standards by collaborating with cross‑functional teams to gather feedback. Lead the global rollout of updated policies by coordinating communication efforts to drive consistent adoption across the company
•    Spearhead the organization’s SOX ITGC program including annual scoping discussions, risk assessments, control evaluations, documentation, testing and overall coordination. This includes providing direction and overseeing the work of functional and system leads across multiple teams to ensure alignment with global cybersecurity and audit requirements.
•    Serve as a key member of the GRC team responsible for monitoring and ensuring adherence to critical Information Security compliance requirements such as ISO 27001, COSO COBIT, and NIST SP 800 53 to support ongoing compliance maturity.
•    Serve as the primary liaison for Internal Audits, statutory audits, external audits and customer audits, facilitating walkthroughs, testing activities, documentation reviews, and issue resolution.
•    Lead the enterprise Third-party Risk Management (TPRM) function, ensuring suppliers and service providers are assessed for cybersecurity, privacy, operational, and regulatory risks.
•    Manages key vendor relationships by assessing third‑party risk, coordinating due‑diligence reviews, and ensuring vendors meet contractual, security, and compliance obligations.
•    Supervises customer assurance efforts by coordinating and completing client security questionnaires, providing evidence, and articulating the organization’s security controls to enable successful customer engagements.
•    Collaborate with Enterprise Security Architecture, Legal, Procurement, and Data Privacy teams to ensure appropriate risk mitigations, contract language, and monitoring requirements are implemented.
•    Assess risks associated with AI technology providers and AI-driven products/services, focusing on data governance, model security, regulatory compliance, and responsible AI principles.
•    Monitor risk and security metrics diligently to mitigate potential threats. Ensure compliance with local, state, federal, and international laws and regulations relevant to cybersecurity and TE operations.
•    Provide guidance, mentorship, and oversight to direct reports, junior GRC staff, building functional capability, and ensuring consistent execution across the GRC domain.
•    Serve as an advisor across Functions and Business Units on all GRC matters, helping to shape strategic decisions. 
•    Facilitate governance committees, steering meetings, and stakeholder reviews, presenting risk insights and GRC program updates.

DESIRED SKILLS:

•    Bachelor’s degree in management information systems, Information Technology, Engineering or related field. 
•    A master’s degree with IT-related majors or relevant certification (e.g., CISA, CISSP, CRISC, CGEIT) is required.
•    Minimum of 12+ years of experience in GRC roles, with at least 3 years in a management or leadership position with increasing responsibility in GRC, IT Audit, SOX, Risk Management, or Cybersecurity.
•    Experience with AI governance, AI risk assessments, or responsible AI frameworks.
•    Demonstrated mastery of at least one major framework (ISO 27001, NIST 800 53, COBIT) and working knowledge of others.
•    Experience in developing and managing comprehensive security and third-party vendor risk management programs is essential.
•    Proven experience in leading and managing diverse teams across multiple geographies. 
•    You should be adept at fostering collaboration and teamwork among team members from various cultural backgrounds.
•    Exceptional ability to collaborate with stakeholders across functions to drive security initiatives. Your success will hinge on your ability to communicate effectively and build strong partnerships.
•    A forward-thinking approach with the ability to anticipate and adapt to the rapidly evolving cybersecurity landscape. You should be able to lead through change and challenge the status quo to enhance our security capabilities. 
•    Experience with ServiceNow GRC, Archer, TrustArc, BitSight, OneTrust, or similar risk management platforms preferred.
•    Knowledge of SAP ERP is preferred.

What your background should look like:

Competencies

Values: Integrity, Accountability, Inclusion, Innovation, Teamwork

Experience Level

Mid Level