FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Compliance and Risk Manager
Hexion Inc.Compliance and Risk Manager responsible for designing and improving Hexion's compliance programs. Managing enterprise risk management and ensuring audit readiness within the organization.
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates expertise in managing information security compliance programs, including ISO 27001 and SOC 2, while applying NIST 800-53 for enterprise risk governance. Proven ability to operationalize security frameworks and maintain internal controls assurance.
Highest-signal resume keywords
ISO 27001 Certification ManagementSOC 2 Compliance ProgramCIS Controls ProficiencyNIST 800-53 KnowledgeEnterprise Risk Management Experience
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
Information Security ComplianceRisk ManagementISO 27001ISO 27017ISO 27018SOC 2 Type IICIS ControlsNIST Risk Management FrameworkInternal Controls Assurance
Soft Skills
Strong Written Communication
Certifications & Qualifications
Bachelor's Degree in Information SecurityMaster's Degree Preferred
Industry Keywords
GRCEnterprise Risk ManagementInformation Security Management SystemCloud SecurityPrivacy Controls
Tech Stack
Tools & technologiesCloud
About the role
Key responsibilities & impact- Designing, implementing, and continuously improving Hexion's information security compliance and enterprise risk management programs
- Own Hexion's ISO 27001 Information Security Management System (ISMS) and related cloud-specific extensions
- Lead Hexion's SOC 2 compliance program
- Operationalize the CIS Controls as the enterprise's security baseline framework
- Maintain fluency in NIST 800-53 and apply it to enterprise risk governance
- Own the internal controls assurance program
Requirements
What you’ll need- Bachelor's degree in Information Security, Computer Science, Business Administration, or related field (Master's preferred)
- 7+ years of progressive experience in information security compliance, GRC, or risk management roles
- Demonstrated, hands-on experience managing ISO 27001 certification programs
- Deep knowledge of ISO 27017 and ISO 27018 cloud security and privacy controls
- Practical SOC 2 Type II experience
- Proficiency with CIS Controls (IG1 and IG2)
- Working knowledge of NIST 800-53 control families and the NIST Risk Management Framework
- Experience operating enterprise risk management programs
- Strong written communication
Benefits
Comp & perks- Remote-first position
- Periodic travel to manufacturing facilities, partner locations, and auditor or certification body engagements