Compliance Manager - Cybersecurity Governance, Risk and Compliance

Compliance Manager

Job Description:

Position Overview

The purpose of this role is to oversee the ongoing development and operation of the ESAB GRC function. This includes but is not limited to Cybersecurity Policy & Procedures, Cyber Risk Management, Third Party Risk Management, Cybersecurity Operating Model/Reporting, Cybersecurity Awareness Training.

Primary Duties & Responsibilities

• Oversee Team members and third parties to effectively deliver best in class GRC capabilities to ESAB.
• Maintain and enhance Cybersecurity Policies and Standards for ESAB.
• Oversee operating procedures for Cybersecurity at ESAB. Coordinate Security Council meetings, Strategic Planning, regular reporting on Cyber related activities such as Vulnerability Management & Compliance. Respond to customer requests for cyber security posture/ framework alignment.
• Oversee Purple Team activities, Cybersecurity Maturity Assessments, Tabletop Exercises.
• Aid in the preparation of leadership presentations, and third party reporting requirements.
• Work to deliver effective security awareness training.
• Understand and work with internal teams on required Cyber security framework alignment.
• Oversee Cyber Risk Management team meetings and risk identification and remediation plans

Qualifications

       Education

• Bachelor’s or equivalent work experience in GRC, Cybersecurity, and information technology
• ISACA Certification a plus
• ISC2 Certification a plus

       Experience

• Minimum 5 years in Governance, Risk , and Compliance (GRC) with deep understanding of Cybersecurity Policies, Risk Management, Awareness, and general Cybersecurity processes.
• Team oversight and development.
• Good communications skills and ability to effectively work cross functionally.
• Understanding of Common Cybersecurity frameworks such as ISO 27001, and NIST CSF.
• Project Management skills a plus.

      Personal Attributes

• Strong communications skills
• Team leadership experience
• Technical understanding of cybersecurity practices, and Information Systems
• Comfortable in fast paced environment and taking ownership of complex tasks

       Language

• Essential: Fluent in English

Experience Level

Mid Level