Security Generalist – Cybersecurity Governance

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Industrial Technology, or a related field; or equivalent experience.
• 3–7 years of experience in Cybersecurity, governance, risk, and compliance (GRC), preferably within manufacturing or industrial environments.
• Strong understanding of Cybersecurity frameworks (NIST CSF, ISO 27001, CIS Controls).
• Familiarity with risk management and control assessment processes.
• Excellent documentation, analytical, and communication skills.

Nice To Haves

• Experience with operational technology (OT) or industrial control systems (ICS) Cybersecurity principles.
• Knowledge of relevant manufacturing compliance standards (e.g., NIST 800-171, ISA/IEC 62443).
• Certifications such as CompTIA Security+, CISA, CRISC, CISSP, or ISO 27001 Lead Implementer/Auditor.
• Familiarity with GRC tools and platforms.

Responsibilities

• Develop, maintain, and update Cybersecurity policies, standards, and procedures aligned with business and regulatory requirements (e.g., NIST CSF, ISO 27001).
• Support the enterprise risk management process by identifying, assessing, and tracking Cybersecurity risks across IT and OT environments.
• Conduct and document risk assessments for critical technology systems, vendors, and new technologies.
• Coordinate periodic reviews of policies and standards, exception management, and control testing activities.
• Assist in preparing security metrics and governance reports for leadership and Security Council.
• Support compliance initiatives related to internal Cybersecurity standards, relevant regulations and internal/external audits.
• Prepare documentation and evidence for internal and external audits.
• Partner with internal stakeholders to ensure security controls meet both regulatory and customer requirements.
• Assist in third-party risk assessments and vendor security reviews, ensuring suppliers and contractors meet corporate Cybersecurity standards.
• Maintain a vendor risk register and coordinate follow-up actions for identified issues.
• Support the delivery of Cybersecurity awareness and training programs tailored for plant floor employees and office staff.
• Stay current on evolving Cybersecurity regulations, manufacturing industry threats, and governance best practices.
• Recommend process improvements and assist in developing maturity roadmaps for security governance.
• Participate in the Cybersecurity incident response process, helping coordinate response, documentation, and post-incident analysis.
• Monitor and assist with security tool management (e.g., endpoint protection, SIEM alerts, access reviews).
• Ensure governance alignment between IT and OT security teams for effective control implementation and incident response.

Benefits

• bonus
• benefits
• pension contributions
• family-friendly benefits
• opportunities for career growth and advancement