TISAX & GRC Administrator

About The Position

Requirements

• Bachelor’s degree in Information Security, Computer Science, Risk Management, or a related field (or equivalent experience).
• Strong understanding of TISAX, ISO/IEC 27001, or other relevant information security standards.
• Experience with compliance management, audits, or certification processes in the automotive or manufacturing sector is preferred.
• Experience with GRC frameworks (e.g., ISO 27001, NIST, TISAX, SOX) preferred.
• 1+ years of hands-on experience administering OneTrust or similar GRC platforms.
• Strong analytical and problem-solving skills.
• Excellent organizational and communication abilities.
• Ability to interpret regulatory requirements and translate them into practical procedures.
• Proficiency with documentation and record-keeping tools.
• Ability to work independently and in cross-functional teams.
• Attention to detail and a commitment to maintaining confidentiality.

Nice To Haves

• OneTrust certification or formal training.
• Experience with data privacy, third-party risk management, and incident response.
• Knowledge of regulatory compliance requirements relevant to the automotive and manufacturing industries.
• Proficiency in report generation and data analysis.
• TISAX Practitioner or related certification.
• ISO/IEC 27001 Lead Implementer or Auditor.
• Certified Information Systems Security Professional (CISSP) or similar.

Responsibilities

• Oversee the implementation and maintenance of TISAX compliance across the organization.
• Coordinate internal and external TISAX assessments, audits, and certification processes.
• Develop, update, and manage policies, procedures, and documentation related to information security and TISAX standards.
• Monitor changes in TISAX requirements and ensure timely updates to organizational practices.
• Provide training and awareness programs for staff regarding TISAX and information security best practices.
• Act as the main point of contact for TISAX-related inquiries from customers, partners, and auditors.
• Collaborate with IT, legal, and business departments to ensure cross-functional compliance efforts.
• Maintain records of assessments, findings, corrective actions, and ongoing compliance status.
• Report regularly to management on TISAX compliance status, risks, and improvement opportunities.
• OneTrust Platform Administration: Configure, maintain, and optimize OneTrust modules to support GRC activities, including policy management, risk assessments, compliance tracking, and reporting.
• Policy and Procedure Management: Support the creation, review, dissemination, and tracking of policies and procedures within OneTrust, ensuring proper version control and stakeholder notification.
• Risk Management: Facilitate risk identification, assessment, mitigation, and monitoring processes using OneTrust’s risk management tools. Maintain risk registers and generate regular risk reports for leadership.
• Compliance Monitoring: Track regulatory and internal compliance requirements, monitor compliance status, and assist with audit preparation and evidence collection within OneTrust.
• Incident and Issue Management: Support the logging, investigation, and resolution of incidents and issues in OneTrust, ensuring timely follow-up and proper documentation.
• User Support and Training: Provide guidance and training to end users on OneTrust functionalities, best practices, and GRC processes. Serve as the primary point of contact for OneTrust-related inquiries.
• Reporting and Analytics: Generate dashboards and reports in OneTrust to provide insights into GRC metrics, trends, and program effectiveness for management and stakeholders.
• Work closely with IT, Security, Legal, and Business teams to ensure integrated risk and compliance management.
• Stay up-to-date on industry best practices, regulatory changes, and OneTrust platform enhancements.
• Identify opportunities for process improvements and automation within the GRC and TISAX domains.

Benefits

• Competitive Salary
• Medical, Dental, and Vision Benefits
• Flexible and Dependent Care Spending Accounts
• 401(k) Savings Plan Matching
• Vacation Days
• Life Insurance
• Tuition Reimbursement