US Cyber Security Officer (Remote)

GKN Aerospace is reimagining air travel: going further, faster and greener! Fuelled by great people whose expertise and creativity set the industry standards, we're inspired to innovate and break boundaries. We are proud to support protecting the world's democracies and are committed to sustainability, opening up and safeguarding our planet. With over 16,000 employees across 33 manufacturing sites in 12 countries, serving over 90% of the world's aircraft and engine manufacturers, and achieving sales of 3.35 billion in 2023, there are no limits to where you can take your career.

The Cyber Security Officer interprets regulatory and contractual requirements, maps and assesses controls, and advises IT/OT and business teams on control implementation. Responsibilities include security risk management, reporting, policy lifecycle management, training, governance, risk and compliance program delivery, and third-party risk management. Collaboration with stakeholders across departments such as IT, Legal, Compliance, and HR is essential to ensure effective risk management aligned with company policies and requirements.

• Maintain US Defense certification and accreditation.
• Support risk identification, assessment, response, mitigation, control monitoring, and reporting.
• Gather and evaluate information for auditors, regulators, and compliance partners.
• Develop and perform tests to evaluate key controls.
• Review test findings, identify control weaknesses, and recommend actions.
• Support issue management, risk acceptances, and corrective actions.
• Deliver high-quality reporting and communicate effectively in technical and business terms.
• Support workforce security activities, including culture, awareness, and training.
• Coordinate and respond to alerts, directives, and incident reports.
• Coordinate local incident response activities and liaise with security operations, business, regulators, and third parties.
• Complete supplier assurance questionnaires and conduct risk assessments.

• Develop, implement, and maintain governance, risk, and compliance processes.
• Improve security frameworks, methodologies, standards, and controls.
• Report findings, track status, and ensure corrective actions.
• Support operational reporting, management communications, and executive governance committees.
• Lead continuous improvement initiatives.
• Maintain relationships with auditors, regulators, and compliance partners.

• Support operation and administration of GRC systems for Cyber Security and IT.
• Develop and configure GRC system services and improvements.
• Specialize in questionnaires, workflows, reports, and dashboards.
• Serve as a resource to Cyber Security, IT/OT, and business teams on GRC matters.

• Follow all HSE rules and regulations.

Join our team to enhance governance, risk, and compliance processes and contribute to our continuous improvement initiatives!

• Bachelor's degree in a technology-related field or equivalent experience.
• 3+ years of experience in security and compliance, including cyber security governance, risk, and compliance management, and awareness of cyber threats and vulnerabilities.
• Proficiency in writing policies, procedures, and controls for various standards and frameworks, with experience working in large, highly regulated environments.
• Knowledge of aerospace regulations, export control requirements, and risk management processes.
• Experience with CMMC, NIST SP 800-171, NIST SP 800-53 frameworks.
• Experience coordinating third-party assessments.
• US Person status per ITAR regulations for export compliance.

• Ability to work independently and handle ambiguity.
• Knowledge of computer networking and security methodologies.
• Familiarity with RMF for US DoD security programs and risk management practices.
• Understanding of NISPOM, JSIG, ICD 503, and DCSA DAAPM.
• Knowledge of DISA STIG or equivalent guidance.
• Professional security certifications like CISSP, CISM, or similar.

We offer fantastic challenges and opportunities. This is your chance to be part of an innovative organization committed to pushing industry boundaries. With top-tier training, your potential is limitless.

Everyone is welcome to apply. We believe in diversity, inclusion, and belonging, creating an environment where everyone can contribute. Our culture, recognized with 'The Best Workplace Culture Award,' encourages everyone to bring their full selves to work.

We are committed to accessible recruitment and support reasonable adjustments during the process. Join us and help shape the future of aerospace innovation and technology.