Demo
Salary Resume Critique Job Openings

Information Security Manager - Governance, Risk & Compliance

Axalta
Philadelphia, PA Full Time
POSTED ON 2/12/2025
AVAILABLE BEFORE 5/2/2025

Axalta is searching for an Information Security - Governance, Risk & Compliance Manager to join our team in the Philadelphia, PA area.

The Information Security - Governance, Risk & Compliance (GRC) Manager will serve as a strategic leader, driving the development, operation, and continuous improvement of the organization's global security GRC program. This role entails managing cybersecurity risk, ensuring IT audit and compliance requirements are met, overseeing supplier / vendor security reviews, and aligning the security governance and controls program with best practices and regulatory frameworks. The GRC Manager will collaborate extensively with other security and technology teams, Internal / External Audit, as well as business and leadership stakeholders.

In this role you will :

  • Provide Hands-On management of all aspects of Security Governance, Risk & Compliance services, capabilities, staff, and third-party relationships.
  • Own the IT Compliance, Audit, & Risk Assessment service portfolio for the Information Security program, driving the annual plan for each in a strategic manner, and ensuring high quality outcomes.
  • Perform a range of risk assessment activities including enterprise wide, business unit, asset or control framework / standards (e.g. ISO 27001, NIST CSF, CIS) based assessments and presenting findings to both technical and business audiences.
  • Analyze technologies and business requirements to establish highly effective processes, policies, standards, guidelines, and procedures to ensure comprehensive protection exists to ensure a safe, secure, and resilient technology environment and information assets.
  • Oversee the execution of the IT General Controls framework supporting Sarbanes Oxley requirements. This includes functioning as the primary liaison with Internal and External Audit as well as Control Owners for control design, operation, testing, and remediation planning.
  • Own the management of the security risk register, ensuring risk is appropriately tracked, and remediation strategies are documented.
  • Manage the security metrics and reporting program, developing standard update reports, scorecards, and trend summaries to communicate the performance and health of the security program at regular intervals to leadership stakeholders.
  • Participate in leading Security Awareness activities for the organization.
  • Develop and maintain security controls, policies and capabilities as part of the Information Security Framework with ability to map / crosswalk controls between frameworks / standards (ISO 27001, NIST CSF, CIS).
  • Manage third party, vendor and supplier security risk management and contractual activities in conjunction with Legal, Procurement, Purchasing and Supply Chain teams.
  • Participate in all phases of the SDLC and project life cycles as needed for corporate initiatives - design, build and operate, ensuring technology initiatives align and comply with internal security policy and standards, as well as support relevant controls from standards / frameworks including as Sarbanes Oxley, ISO 27001, CIS, NIST CSF).

Qualifications : Required :

  • Bachelor's in Information Technology, Computer Science, Cybersecurity, Computer Engineering, Security Risk Analysis, Information Security & Assurance or other relevant focus area.
  • Candidates must have a minimum of one of the following certifications or will be required to obtain within the first 12 months : CISSP, ISSMP, CISM, CRISC, CGEIT, CISA, Open FAIR.
  • Minimum 5 years leadership experience in a GRC function with a track record of success and high-quality outcomes.
  • Must have significant hands-on experience leading ITGC and Sarbanes Oxley focused IT compliance programs.
  • Strong experience implementing and maturing security governance standards, frameworks and controls programs such as ISO 27001, NIST CSF, CIS Critical Security Controls.
  • Strong business process knowledge, exceptional analytical skills, and solution-oriented mindset.
  • Extensive experience developing security GRC processes, functions, and assessment tools in a GRC platform, with RSA Archer experience highly desired.
  • Knowledge of security frameworks and standards such as NIST CSF, ISO 27001, CIS Critical Security Controls, GDPR and CCPA. Prior experience with TISAX is helpful.
  • Expertise in the following security knowledge domains : security architecture, vulnerability management, risk management, identity and access management, user access and privileged access reviews, security awareness, cloud computing, and compliance.
  • Experience articulating technical concepts and security risk clearly in business-oriented language. This includes risk scenario records, risk modeling, acceptance, exceptions, findings documentation, and management action / remediation plans.
  • Exceptional written and verbal communication skills are required as this position will be responsible for working directly with multiple technology teams as well as IT leadership.
  • Demonstrates strong organizational skills and the ability to multi-task, prioritize workload, and liaise / partner with other teams.

    • Our Company :

    Axalta has remained at the forefront of the coatings industry by continually investing in innovative solutions. We engineer technologies that protect customers' products - whether they are battling heat, light, corrosion, abrasion, moisture, or chemicals - and add dimension and beauty with colorful finishes. We have a vast and ever-evolving portfolio of brands primed to play an important part in everything from modernizing infrastructure around the world to enabling the next generation of electric and autonomous vehicles.

    Axalta operates its business in two segments : Performance Coatings and Mobility Coatings, which serve four end markets, including Refinish, Industrial, Light Vehicle and Commercial Vehicle, across North America, EMEA, Latin America and Asia-Pacific. Our diverse global footprint allows us to deliver solutions in over 140 countries and coat 30 million vehicles per year. We've recently set an exciting 2040 carbon neutrality goal, in addition to 10 other sustainability initiatives, and we take pride in working with our customers to optimize their businesses and achieve their goals.

    1.2 - First / Mid Level Officials and Managers (EEO-1 Job Categories-United States of America)

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Information Security Manager - Governance, Risk & Compliance?

    Sign up to receive alerts about other jobs on the Information Security Manager - Governance, Risk & Compliance career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $194,072 - $240,547
    Income Estimation: 
    $220,784 - $286,649
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $123,246 - $161,441
    Income Estimation: 
    $152,549 - $188,894
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at Axalta

    Quality Control Specialist
    Axalta
    Hired Organization Address Front Royal, VA Full Time
    Job Description - Quality Control Specialist (QCS) SUMMARY This role will perform production quality control testing on ...
    Control Room Operator
    Axalta
    Hired Organization Address Fort Madison, IA Full Time
    Job Description: Axalta Coating Systems in Fort Madison, Iowa, is looking for a qualified Control Room Operator - Rotati...
    Administrative Assistant
    Axalta
    Hired Organization Address Reno, NV Full Time
    Warehouse Administrative Assistant Position Overview: The Warehouse Administrative Assistant is responsible for maintain...
    EHS Specialist
    Axalta
    Hired Organization Address Mount Clemens, MI Full Time
    Job Title : Safety Specialist - Process Safety Management and Hazardous Materials Job Summary : We are seeking a highly ...
    View More Jobs at Axalta

    Not the job you're looking for? Here are some other Information Security Manager - Governance, Risk & Compliance jobs in the Philadelphia, PA area that may be a better fit.

    Information Security Analyst I - Governance, Risk, and Compliance (GRC)

    UHS, TREDYFFRIN, PA

    Information Security Analyst Intern - Governance and Risk (GRC)

    UHS, TREDYFFRIN, PA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!