Senior Governance Risk And Compliance Analyst

ResponsibilitiesAssist in developing and maintaining a robust Information Security GRC program to scale with company growth and align with industry best practicesFocus on executing and coordinating IT security governance, risk, and compliance processes for global regulationsAct as the primary contact for daily IT compliance matters and inquiriesCreate and maintain documentation for security and operational controls to support audits and certificationsDocument GRC processes and proceduresCoordinate responses to regulatory inquiries, due diligence requests, and auditsManage audit findings, process improvements, and monthly audit activitiesPerform and update IT risk assessments, maintain governance documentation, and use security metrics to track progressDevelop and implement a continuous monitoring program for IT compliance and automate manual processesManage the company-wide security awareness and compliance training programsSafeguard data during M&A and IT transformation activitiesCollaborate with legal teams on cyber risk reporting and customer contractual requirementsComplete security assurance questionnaires for stakeholders, including customers and cyber-insurersLead IT control testing and gap analysis for TE's information security programs, including SOX, DFARS 7012, and CMMCRequirementsBachelor's degree in information technology or related fields, or equivalent work experience in Cybersecurity, Governance, Risk, and Compliance disciplines (5+ years)General knowledge of information security and controls, including identity & access management, database, operating system, network security, endpoint security, application security, data protection and leakage, vulnerability management, security logging, and monitoringFamiliarity with IT security and compliance regulations for a public, global manufacturing company (, SOX, PCI, HIPAA, US and international privacy regulations, US and international cybersecurity regulations, and export restrictions such as DFARS, ITAR, UKML) and/or Controls Frameworks (, COSO, COBIT, NIST, ISF Standards of Good Practice, ISO 27001) and industry or regionally specific certifications (, TISAX, UK CyberEssentials)Skills in documenting risk and compliance activitiesExperience performing information security audits or risk assessmentsUnderstanding of common security frameworks, standards, and regulations (, SOC, ISO2700x, NIST Cybersecurity Framework)Ability to develop security standards and guidelines based on best practices and industry standardsExcellent interpersonal, communication, and presentation skills, including formal report writingAbility to develop creative and adaptive solutions to unique and complex inquiriesAbility to track and manage numerous parallel activitiesAbility to identify opportunities for continuous improvement and execute themAbility to work efficiently and independently with minimal supervision (self-motivated and willing to meet important deadlines)Ability to work successfully in a cross-functional team environmentUseful links