Senior Manager Technology and Cybersecurity Governance - Erlanger, KY

About The Position

Requirements

• Bachelor's degree in information technology, cybersecurity, business, or a related field. An MBA or advanced degree is preferred.
• Minimum of 8-10 years of progressive experience in IT or cybersecurity governance, risk, and compliance (GRC), with at least 5 years in a leadership or senior management role.
• Extensive experience within a global, publicly-traded company is essential.
• Experience in traditional IT and manufacturing Operational Technology (OT) environments and the distinct security and governance challenges they present.
• Strong leadership and team management skills, with the ability to build and motivate high-performing teams.
• Expert knowledge of regulations and frameworks, including SOX, SEC Cybersecurity Disclosure Rules, NIST CSF, NIST SP 800-30, NIST SP 800-37, NIST SP 800-39, NIST SP 800-53, NIST SP 800-82, NIS2, and ISO 27001.
• Professional certification such as CRISC, CGEIT, or CISA is required.
• Exceptional strategic thinking, communication, and presentation skills, with a proven ability to influence and collaborate with executive-level stakeholders.
• Willingness to travel internationally as needed.

Nice To Haves

• Proven experience with OT-specific security standards such as IEC 62443 is a significant advantage.

Responsibilities

• IT and Cyber Governance: Lead a team in developing and executing the company's global IT and cybersecurity governance strategy. Collaborate with leaders, staff, and other stakeholders to employ a GRC framework that is scalable, repeatable, measurable, and integrated into enterprise-wide risk management processes.
• Operational Technology (OT) Governance: Work with OT leadership to embed technology and cybersecurity governance without disrupting critical manufacturing processes. Provide guidance on implementing technology governance in manufacturing environments, including IT/OT intersections, industrial control systems (ICS), plant automation, and IoT.
• Global Policy and Standards: Own and manage the full lifecycle of IT and cybersecurity policies, standards, and procedures. Ensure these documents are not only compliant with global regulations but also practical and effective for both IT and Operational Technology (OT) environments.
• Cybersecurity, IT, and OT Frameworks: Apply industry frameworks (e.g., COBIT, NIST Cybersecurity Framework (NIST CSF), NIST SP 800-37 Risk Management Framework, NIST 800-39 Managing Information Security Risk, NIST SP 800-82 Guide to Operational Technology Security) to develop decision-making and accountability structures for governing IT, OT, and cybersecurity.
• Reporting and Communication: Define and report on key performance indicators (KPIs) and key risk indicators (KRIs) for the GRC program. Prepare communications on findings, risks, and strategic recommendations for senior management, audit committees, and the Board.
• Internal and External Assurance: Serve as the primary point of contact for IT and cyber governance-related internal and external audits. Support the audit response process and remediation activities to ensure timely and effective resolution of findings.
• Mentorship and Team Leadership: Provide mentorship and guidance to members of the governance team. Drive a collaborative culture with key stakeholders across IT, OT, Legal, Internal Audit, Compliance, ERM, and various global business units.
• Additional duties as assigned.