Cyber Security Governance, Risk, and Compliance (GRC) Lead

Position Overview

As the commercial vehicle industry undergoes its most significant transformation in a century, International is leading the charge. We're not just supplying trucks, buses, and engines; we're redefining transportation. Embracing a bold digital transformation, International is ushering in a new era of complete and sustainable transport solutions.

The Cyber Security Governance, Risk, and Compliance (GRC) Lead involves a variety of skills and responsibilities to ensure an organization's security posture aligns with regulatory requirements and identifies, tracks, and manages risks effectively.

This position will be based out of our World Headquarters in Lisle, Illinois, a suburb outside of Chicago.

Responsibilities

• Developing GRC Frameworks: Establish and manage governance structures, risk management strategies, and compliance programs.
• Conducting Risk Assessments: Regularly evaluate the IT & OT organization's risk landscape and implement mitigation strategies.
• Ensuring Compliance: Monitor IT & OT adherence to regulatory requirements and industry standards.
• Policy Development: Create and update security policies and procedures to align with business goals and regulatory mandates.
• Training and Awareness: Conduct training sessions to educate employees about security policies and best practices.
• Audit Management: Facilitate internal and external audits to ensure compliance and identify areas for improvement.
• Reporting:Provide regular reports to senior management on GRC activities, risk status, and compliance metrics.

Minimum Requirements

• Bachelor’s degree
• At least 10 years of information technology security experience
• At least 4 years of management experience

OR

• At least 12 years of information technology security experience
• At least 4 years of management experience

Additional Requirements

• Qualified candidates, excluding current employees, must be legally authorized on an unrestricted basis (US Citizen, Legal Permanent Resident, Refugee or Asylee) to be employed in the United States. We do not anticipate providing employment related work sponsorship for this position (e.g., H-1B status)

Desired Skills

• Risk Management: Ability to identify, assess, track, and manage risks.
• Compliance Knowledge: Understanding of relevant regulations and standards (e.g., GDPR, HIPAA, ISO 27001).
• Cybersecurity Expertise: Knowledge of security controls, threat analysis, and vulnerability management.
• Analytical Skills: Strong ability to analyze data and trends to identify potential security issues.
• Communication: Effective communication skills to convey complex security concepts to non-technical stakeholders, including reporting a consolidated view of the company’s cyber risk profile and direct responsibility for remediation and improvement plans.
• Project Management: Ability to manage and coordinate GRC initiatives and projects.
• Managed Service Oversight: Ability to manage third-party suppliers of GRC and other related managed services.
• Attention to Detail:Precision in monitoring compliance and risk management processes.

Benefits and Compensation

We provide a competitive total rewards package which ensures job satisfaction both on and off the job. We offer market-based compensation, health benefits, 401(k) match, tuition assistance, EAP, legal insurance, an employee discount program, and more.

For this position, the expected salary range will be commensurate with the candidate’s applicable skills, knowledge and experience.

You can learn more about our comprehensive benefits package at https://careers.international.com/#benefits.

Company Overview

ABOUTTRATON With its brands Scania, MAN, International, and Volkswagen Truck & Bus,TRATONSE is the parent and holding company of theTRATONGROUP and one of the world’s leading commercial vehicle manufacturers. The Group’s product portfolio comprises trucks, buses, and light-duty commercial vehicles. “Transforming Transportation Together. For a sustainable world.”: this intention underlines the Company’s ambition to have a lasting and sustainable impact on the commercial vehicle business and on the Group’s commercial growth.

ABOUT INTERNATIONAL
From a one-man company built on the world-changing invention of the McCormick reaper in 1831, to the 15,000-person-strong company we are today, few companies can lay claim to a history like International. Based in Lisle, Illinois, International Motors, LLC* creates solutions that deliver greater uptime and productivity to our customers throughout the full operation of our commercial vehicles. We build International trucks and engines and IC Bus school and commercial buses that are as tough and as smart as the people who drive them. We also develop Fleetrite aftermarket parts. In everything we do, our vision is to accelerate the impact of sustainable mobility to create the cleaner, safer world we all deserve. As of 2021, we joined Scania, MAN and Volkswagen Truck & Bus in TRATON GROUP, a global champion of the truck and transport services industry. To learn more, visitwww.International.com.

*International Motors, LLC is d/b/a International Motors USA in Illinois, Missouri, New Jersey, Ohio, Texas, and Utah.

EEO Statement

We are an Equal Opportunity Employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.

If you are a qualified individual with a disability and require a reasonable accommodation to access the online application system or participate in the interview process due to your disability, please email HUB@International.com to request assistance. Kindly specify Job Requisition Number / Job Title and Location in response. Otherwise, your request may not be considered.

• Bachelor’s degree
• At least 10 years of information technology security experience
• At least 4 years of management experience

OR

• At least 12 years of information technology security experience
• At least 4 years of management experience

• Developing GRC Frameworks: Establish and manage governance structures, risk management strategies, and compliance programs.
• Conducting Risk Assessments: Regularly evaluate the IT & OT organization's risk landscape and implement mitigation strategies.
• Ensuring Compliance: Monitor IT & OT adherence to regulatory requirements and industry standards.
• Policy Development: Create and update security policies and procedures to align with business goals and regulatory mandates.
• Training and Awareness: Conduct training sessions to educate employees about security policies and best practices.
• Audit Management: Facilitate internal and external audits to ensure compliance and identify areas for improvement.
• Reporting:Provide regular reports to senior management on GRC activities, risk status, and compliance metrics.