IT Security Manager / Specialist

JAS is an international, non-asset-based supply chain services and solutions company. Our services include air and ocean freight forwarding, contract logistics, customs brokerage, distribution, inbound logistics, truckload brokerage and other supply chain management services, including consulting, the coordination of purchase orders and customized management services.

An Information Technology Governance, Risk, and Compliance (IT Security Manager / Specialist) Specialist is a vital member of an organization’s risk management and information security teams. This professional is responsible for designing, implementing, and maintaining frameworks and processes that ensure the organization’s technology operations comply with regulatory requirements, industry standards, and internal policies. The I.T. Manager / Specialist helps protect digital assets, reduce risks, and promote continuous improvement in governance and compliance efforts.

• Develop, update, and enforce IT governance frameworks, policies, and standards based on industry’s best practices and regulatory requirements.


• Collaborate with senior leadership and technical teams to align IT initiatives with organizational objectives and risk appetite.


• Monitor and assess the effectiveness of governance structures, recommending improvements as needed.


• Facilitate the deployment of governance tools and technologies to automate and streamline compliance and risk processes.


• Educate staff across the organization on governance principles, compliance requirements, and their roles in upholding standards.

Identify, assess, and document IT-related risks, including threats to data, systems, and infrastructure.

Develop risk management strategies and controls to mitigate identified risks within acceptable levels.

Perform regular risk assessments, vulnerability scans, and risk treatment plans for existing and new technologies.

Establish and maintain risk registers, reporting on trends, metrics, and risk levels to leadership and stakeholders.

Partner with IT and business units to ensure risk awareness and the implementation of effective controls.

Interpret, communicate, and ensure adherence to relevant governmental regulations (such as GDPR, HIPAA, SOX, PCI DSS) and industry standards (ISO 27001, NIST, CMMC, etc.).

Conduct compliance assessments, gap analyses, and internal audits to evaluate the organization’s compliance posture.

Coordinate with external auditors and regulatory bodies during inspections, audits, or assessments.

Document and track remediation efforts for compliance deficiencies or audit findings.

Develop and deliver compliance training programs for employees at all levels.

Draft, review, and update IT policies, standards, and procedures to reflect regulatory changes, technological advancements, and organizational needs.

Maintain a policy lifecycle management process, ensuring timely reviews and updates.

Ensure clear communication and accessibility of policies to all relevant stakeholders.

Participate in the development, implementation, and ongoing improvement of incident response plans and business continuity strategies.

Support investigations into IT security incidents, breaches, or policy violations, document findings, and recommend corrective actions.

Collaborate with cross-functional teams to test and refine response procedures through tabletop exercises and simulations.

Prepare regular and ad hoc reports for leadership, auditors, and regulators on risk, compliance, and governance matters.

Maintain clear and concise documentation of all GRC activities, decisions, and outcomes.

Promote a culture of transparency, ethical conduct, and continuous improvement in IT governance and compliance.

The JAS Forwarding Operations Compliance department is a twenty-four (24) hour per day, seven (7) day per week, and three hundred sixty-five (365) days per year operation. This position will be required to participate in a schedule that may require evening, weekend and holiday working hours.

While performing the duties of this job, the employee is regularly required to sit; stand; walk; use hands and finger to feel and handle; reach with arms and hands; talk and hear.

While performing the duties of this job, the employee frequently is required to stoop, kneel, and crouch; lift weight or exert a force up to a maximum of 25 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

The responsibilities associated with this job will change from time to time in accordance with the Company’s business needs. More specifically, the incumbent may be required to perform additional and / or different responsibilities from those set forth above.

The above declarations are not intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be such a listing of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job.

JAS is an Equal Opportunity Employer

JAS Forwarding (USA), Inc.