Cyber Security Governance, Risk, and Compliance (GRC) Lead

Position Overview

As the commercial vehicle industry undergoes its most significant transformation in a century, International is leading the charge. We're not just supplying trucks, buses, and engines; we're redefining transportation. Embracing a bold digital transformation, International is ushering in a new era of complete and sustainable transport solutions.

The Cyber Security Governance, Risk, and Compliance (GRC) Lead involves a variety of skills and responsibilities to ensure an organization's security posture aligns with regulatory requirements and identifies, tracks, and manages risks effectively.

This position will be based out of our World Headquarters in Lisle, Illinois, a suburb outside of Chicago.

Responsibilities

Developing GRC Frameworks: Establish and manage governance structures, risk management strategies, and compliance programs.

Conducting Risk Assessments: Regularly evaluate the IT & OT organization's risk landscape and implement mitigation strategies.

Ensuring Compliance: Monitor IT & OT adherence to regulatory requirements and industry standards.

Policy Development: Create and update security policies and procedures to align with business goals and regulatory mandates.

Training and Awareness: Conduct training sessions to educate employees about security policies and best practices.

Audit Management: Facilitate internal and external audits to ensure compliance and identify areas for improvement.

Reporting: Provide regular reports to senior management on GRC activities, risk status, and compliance metrics.

Minimum Requirements

Bachelor’s degree

At least 10 years of information technology security experience

At least 4 years of management experience

OR

At least 12 years of information technology security experience

At least 4 years of management experience

Additional Requirements

Qualified candidates, excluding current employees, must be legally authorized on an unrestricted basis (US Citizen, Legal Permanent Resident, Refugee or Asylee) to be employed in the United States. We do not anticipate providing employment related work sponsorship for this position (e.g., H-1B status)

Desired Skills

Risk Management: Ability to identify, assess, track, and manage risks.

Compliance Knowledge: Understanding of relevant regulations and standards (e.g., GDPR, HIPAA, ISO 27001).

Cybersecurity Expertise: Knowledge of security controls, threat analysis, and vulnerability management.

Analytical Skills: Strong ability to analyze data and trends to identify potential security issues.

Communication: Effective communication skills to convey complex security concepts to non-technical stakeholders, including reporting a consolidated view of the company’s cyber risk profile and direct responsibility for remediation and improvement plans.

Project Management: Ability to manage and coordinate GRC initiatives and projects.

Managed Service Oversight: Ability to manage third-party suppliers of GRC and other related managed services.

Attention to Detail: Precision in monitoring compliance and risk management processes.

Benefits and Compensation

We provide a competitive total rewards package which ensures job satisfaction both on and off the job. We offer market-based compensation, health benefits, 401(k) match, tuition assistance, EAP, legal insurance, an employee discount program, and more.

For this position, the expected salary range will be commensurate with the candidate’s applicable skills, knowledge and experience.

You can learn more about our comprehensive benefits package at

EEO Statement

We are an Equal Opportunity Employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other legally protected characteristics.

If you are a qualified individual with a disability and require a reasonable accommodation to access the online application system or participate in the interview process due to your disability, please email to request assistance. Kindly specify Job Requisition Number / Job Title and Location in response. Otherwise, your request may not be considered.

Regular Full Time Employee