EnerSys

Cybersecurity GRC Program Manager

full-time

Location Type: Hybrid

Location: Reading, Pennsylvania, United States

About the role

  • Provide GRC guidance and interpretation of rules, regulations, risks, and best practices.
  • Execute cybersecurity risk assessment and control attestation processes, including ongoing and annual assessments.
  • Collaborate with Internal and External Auditors on security assessments and audits.
  • Collect, review, and upload control effectiveness evidence for compliance purposes.
  • Document emerging and residual risk, assist in risk analysis and evaluation, and identify potential areas of risk.
  • Engage with internal teams and consultants to ensure adherence to processes and troubleshoot, identify, analyze, and mitigate risks in existing processes, policies, and procedures.
  • Lead the information security compliance program, ensuring compliance with regulations, and develop and implement effective policies and practices to secure sensitive data.
  • Communicate operational metrics and trend analysis for IT Leadership, and collaborate with cross-functional teams to align GRC efforts with business objectives.
  • Stay up to date on regulatory developments and industry trends.
  • Expected to travel up to 10% each year.

Requirements

  • A degree in a technical field (Computer Science, Information Systems, or Cybersecurity) is preferred but not required.
  • 5+ years of experience in Information Technology and client/customer management.
  • Strong understanding of cybersecurity principles, risk management frameworks, and compliance standards (e.g., CMMC, EU CRA, NIS2, TISAX, Essential Eight, IEC 62443, NIST CSF & RMF, ISO 27001).
  • Experience working with internal and external auditors.
  • Excellent communication and interpersonal skills: oral, written, and listening.
  • Strong analytical and problem-solving abilities.
  • Ability to work independently and collaboratively in a cross-functional environment.
  • Relevant IT certification (e.g., CISSP, CISM, CISA, CRISC) or other relevant certifications are preferred.

Benefits

  • Hybrid work schedule, Monday & Friday: Work from home
  • Tuesday, Wednesday, Thursday: Onsite at the Reading, PA office

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • cybersecurity
  • risk assessment
  • control attestation
  • risk analysis
  • compliance
  • policy development
  • data security
  • trend analysis
  • GRC guidance
  • control effectiveness

Soft Skills

  • communication
  • interpersonal skills
  • analytical skills
  • problem-solving
  • collaboration
  • independence
  • leadership
  • client management
  • teamwork
  • troubleshooting

Certifications

  • CISSP
  • CISM
  • CISA
  • CRISC