Senior Information Security Risk and Compliance Specialist

PPG Industries
Piatt Township, United States of America
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Piatt Township, United States of America

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Cloud Computing Security
Computer Security
Disaster Recovery
Identity and Access Management
Network Security
Network Architecture
PCI Data Security Standards
Cloud Services
Software Vulnerability Management
Data Logging
Google Cloud Platform
Cloud Platform System
Information Technology
Operational Systems
ServiceNow

Job description

  • Participate in global IT risk management, cybersecurity compliance, and governance projects from planning through execution, reporting, and remediation tracking.
  • Perform information security risk assessments for applications, infrastructure, cloud solutions, and business initiatives.
  • Support control testing and compliance assessments against frameworks such as NIST CSF, NIST 800-53, ISO 27001, and internal policies.
  • Assist with third-party / vendor cybersecurity risk assessments during onboarding and periodic reviews.
  • Evaluate vendors based on security questionnaires, penetration testing results, and contractual security requirements.
  • Collaborate with business and IT teams to mitigate identified risks through practical and achievable action plans.
  • Review work papers, planning documents, audit reports, and technical evidence to ensure accurate identification of risks and issues.
  • Communicate findings timely and partner with control owners to develop remediation plans.
  • Assist with security governance committees, metrics reporting, and risk dashboards.
  • Develop and document risks for critical systems, crown jewel assets, cloud environments, and key business processes.
  • Review IT processes for control weaknesses and non-compliance issues and initiate corrective actions.
  • Provide support for Disaster Recovery, Business Continuity, and operational resilience planning.
  • Assist in tabletop exercises, incident response governance, and lessons learned remediation tracking.
  • Assist with identity and access governance reviews including privileged access, segregation of duties, and user recertifications.
  • Develop methods to monitor and measure risk, compliance, and assurance efforts using metrics and KPIs.
  • Interpret and apply applicable laws, regulations, and industry requirements into security controls and policy requirements.
  • Perform Security Site Assessments at manufacturing plants, warehouses, laboratories, and office locations to evaluate physical security, cybersecurity controls, network infrastructure, operational technology (OT) environments, and compliance with corporate security standards.

Requirements

  • 5+ years of experience in IT, cybersecurity, audit, risk management, or related discipline.
  • Bachelor's degree in information technology, Cybersecurity, Computer Science, Business, or related field preferred.
  • Working knowledge of security frameworks such as NIST CSF, NIST 800-53, ISO 27001, and SOC frameworks.
  • Experience supporting regulatory compliance programs such as SOX, PCI DSS, GDPR, or similar is a plus.
  • Experience performing Third-Party Risk Assessments / Vendor Security Reviews is strongly preferred.
  • Understanding of common security domains including IAM, network security, endpoint security, vulnerability management, logging/monitoring, and incident response.
  • Familiarity with cloud security concepts for Azure, AWS, or Google Cloud is a plus.
  • Experience using governance, risk, and compliance (GRC) tools such as AuditBoard, Archer, ServiceNow, OneTrust, or similar is preferred.
  • Relevant certifications such as Security+, CISA, CRISC, CISSP, ISO 27001 Lead Implementer/Auditor are a plus.

Benefits & conditions

Proactivos. Audaces. Confiables. Todo lo que hacemos comienza con nuestros clientes.

Escuchamos, actuamos rapido y no nos detenemos hasta resolver sus mayores desafios.

Cuando nuestros clientes ganan, todos crecemos.

Actuamos con proposito y rapidez

Agiles. Basados en datos. Empoderados. Tomamos riesgos inteligentes para mantenernos

por delante de la competencia. Trabajamos proactivamente con agilidad, utilizando datos

de calidad para desarrollar soluciones que generen valor.

Operamos con excelencia

Productivos. Colaborativos. Responsables. Sin importar nuestro rol, identificamos problemas,

asumimos la responsabilidad y siempre aportamos soluciones. Somos proactivos y tambien

damos respuesta para impulsar la mejora continua y obtener resultados. Apoyamos a nuestro

personal de primera linea, las caras de PPG para nuestros clientes.

Competimos para ganar

Enfocados en el futuro. Impulsados. Ambiciosos. Nos apasiona hacer crecer nuestro

negocio y ganar con nuestros clientes. Entregamos resultados, adoptamos nuevas

tecnologias y aprovechamos la agilidad y la velocidad como fortalezas.

Somos orgullosamente PPG

Fuertes. Unidos. Apasionados. Trabajamos de manera segura, actuamos con integridad

y valoramos nuestras diversas perspectivas. Celebramos los logros y nos enorgullece el

impacto positivo que creamos juntos para proteger y embellecer el mundo.

En PPG utilizamos inteligencia artificial en el proceso de contratacion para hacerlo mas eficiente. Las herramientas de IA no toman decisiones de contratacion. Puede obtener mas informacion visitando https://careers.ppg.com/mx/es/candidate-resources.

PPG ofrece igualdad de oportunidades a todos los candidatos y empleados. Brindamos la oportunidad de crecer y desarrollar su carrera en un entorno que proporciona un lugar de trabajo satisfactorio para los empleados, crea un ambiente de aprendizaje continuo y acoge las ideas y la diversidad de los demas. Todos los solicitantes calificados seran considerados para el empleo sin distincion de sexo, embarazo, raza, color, credo, religion, origen nacional, edad, estado de discapacidad, estado civil, condicion de veterano, orientacion sexual, identidad o expresion de genero.

Si necesita un ajuste debido a una discapacidad, envie un correo electronico a recruiting@ppg.com.

Los rangos salariales y beneficios de PPG pueden variar segun la ubicacion, lo que nos permite compensar a los empleados de manera competitiva en diferentes mercados geograficos. PPG considera varios factores al tomar decisiones de compensacion, incluyendo, pero no limitandose a, habilidades, experiencia y capacitacion, calificaciones y educacion, licencias y certificaciones, y otras necesidades organizativas. Pueden aplicarse otros incentivos.

Nuestros programas de beneficios para empleados estan disenados para apoyar la salud y el bienestar de nuestros colaboradores. Cualquier cobertura de seguro y beneficios se regira por los terminos y condiciones de los planes aplicables y los documentos normativos asociados. Los beneficios seran discutidos con usted por su reclutador durante el proceso de contratacion.

Apply for this position