Cyber Governance, Risk, & Compliance Manager

Element Materials Technology•Blue Ash, OH

17d

About The Position

This role is central to strengthening and advancing the organization’s cybersecurity control framework across global operations. As a strategic and hands-on cyber risk professional, you will drive consistency, compliance, and maturity in cyber governance, risk management, and audit practices, directly supporting the Regional Director of Cyber Security. The successful candidate will have a proven background in cyber risk and compliance functions within regulated industries, demonstrating both tactical and strategic expertise. Experience in managing cyber risk across multiple jurisdictions (US, UK, EU) and driving regulatory alignment is essential. You will be highly organized, detail-oriented, and documentation-focused, with the ability to influence and build collaborative relationships at all levels. This role is a functional management role, non-supervisory, that will have ownership of and directly responsible for daily execution of GRC tasks.

Requirements

Deep understanding of cyber risk management frameworks (NIST, ISO 27001, CRI Cyber Risk Profile).
Experience with regulatory compliance and alignment across global jurisdictions.
Strong communication skills, capable of translating technical risk into clear, executive-level reporting.
Highly developed influencing skills, able to build buy-in and foster a positive cybersecurity culture.
Proven track record in cyber risk management, policy development, and audit readiness.
Demonstrable experience in cyber risk and compliance roles within regulated industries.
Experience overseeing vendor and third-party risk management.
Proven ability to manage and deliver complex projects across multiple geographies.
Experience engaging with senior stakeholders, including board-level executives.

Nice To Haves

Experience with CMMC certification audits or CMMC Certified Assessor or Professional certified.
Supporting governance or accreditation of IT systems used in support of US defense contracts.

Responsibilities

Lead and Develop GRC Practices:Champion the development and implementation of global Cyber GRC practices, ensuring robust cyber risk management and governance across all business units.
Policy and Standards Management:Maintain, enhance, and align cybersecurity policies, standards, and documentation to meet regulatory, audit, and business requirements.
Vendor and Third-Party Assurance:Oversee vendor and third-party due diligence, supplier notifications, and control assurance activities to safeguard organisational interests.
Risk Monitoring and Reporting:Utilise industry-standard tools to monitor, assess, and report on cyber risks, translating technical findings into actionable insights for senior stakeholders.
Stakeholder Engagement:Prepare board-level reporting and engage with executive leadership across global regions, simplifying complex technical risk concepts for non-technical audiences.
Collaboration:Work closely with Technology and Cyber Operations teams to ensure alignment and effective risk mitigation.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume