Caterpillar Inc.

Manager, Autonomy & Automation – Governance Risk & Compliance

full-time

Location Type: Office

Location: Mossville | Arizona | Illinois | United States

Salary

💰 $147,760 - $240,110 per year

About the role

  • Execute an established A&A cybersecurity and compliance vision by translating strategy into operating processes, evidence, metrics, and sustained outcomes.
  • Lead the A&A security governance, risk, and compliance program across the product lifecycle.
  • Ensure alignment with key cybersecurity and quality standards, including CRA, IEC 62443, ISO 27001, and ISO 9001.
  • Translate regulatory and standards requirements into clear, actionable expectations for engineering and product teams.
  • Establish consistent, auditable security and compliance evidence for new products, sustaining engineering, and fielded systems.
  • Coordinate internal and external audits, manage audit findings, and drive corrective actions to closure.
  • Serve as the primary owner for security and quality controls and maintain defensible compliance posture.
  • Lead CRA readiness activities, including secure‑by‑design documentation, vulnerability management, SBOM requirements, and regulatory interpretation.
  • Drive adoption of IEC 62443 secure development lifecycle practices and support design reviews for compliance risks.
  • Manage risk acceptance, deviations, and exceptions, providing documented risk decisions and escalation support.
  • Lead responses to customer and third‑party security questionnaires, audits, and assessments.
  • Ensure customer security assurances are accurate, consistent, and reflective of actual product posture.
  • Define and maintain KPIs related to regulatory readiness, audit posture, and customer security risk trends.
  • Deliver executive‑level reporting and insights to support leadership decision‑making.
  • Lead, mentor, and develop a small team of security and compliance professionals.
  • Collaborate cross‑functionally with Engineering, Product, Legal, Privacy, Quality, and Enterprise Security to drive consistent compliance outcomes.

Requirements

  • A bachelor’s degree in Cybersecurity, Information Security, Computer Science, Computer Engineering, Electrical Engineering or related field.
  • Communicating Complex Concepts: Knowledge of effective presentation tools and techniques to ensure clear understanding; ability to use summarization and simplification techniques to explain complex technical concepts in simple, clear language appropriate to the audience.
  • Cybersecurity Standards and Policies: Knowledge of developing cybersecurity policies, standards and procedures; ability to develop and communicate policies, standards and procedures that guide interactions with customers.
  • Cybersecurity Risk Management: Knowledge of tools, techniques, approaches and processes of cybersecurity risk management; ability to ensure organizational network operation and minimize the negative effects of cybersecurity risks.
  • Knowledge of the processes, tools and techniques of information security management; ability to deploy and monitor information security systems, while detecting, controlling and preventing violations of IT security.
  • Prior experience with external auditing
  • Previous experience with a Big Four consulting firm
  • Ability to fluently speak Spanish or Portuguese.

Benefits

  • Medical, dental, and vision benefits*
  • Paid time off plan (Vacation, Holidays, Volunteer, etc.)*
  • 401(k) savings plans*
  • Health Savings Account (HSA)*
  • Flexible Spending Accounts (FSAs)*
  • Health Lifestyle Programs*
  • Employee Assistance Program*
  • Voluntary Benefits and Employee Discounts*
  • Career Development*
  • Incentive bonus*
  • Disability benefits
  • Life Insurance
  • Parental leave
  • Adoption benefits
  • Tuition Reimbursement

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity, compliance, risk management, information security management, auditing, vulnerability management, secure development lifecycle, KPI development, regulatory interpretation, secure-by-design documentation

Soft Skills

communication, presentation skills, team leadership, mentoring, cross-functional collaboration, simplification techniques, customer interaction, problem-solving, decision-making, reporting