Technical Lead I, Governance Risk and Compliance

Cleveland, OH, US, 44117

Lincoln Electric

Lincoln Electric is the world leader in the design, development and manufacture of arc welding products, automated joining, assembly and cutting systems, plasma & oxy-fuel cutting equipment.

View all jobs at Lincoln Electric

Apply now Apply later

Lincoln Electric is the world leader in the engineering, design, and manufacturing of advanced arc welding solutions, automated joining, assembly and cutting systems, plasma and oxy-fuel cutting equipment, and has a leading global position in brazing and soldering alloys. Lincoln is recognized as the Welding Expert™ for its leading materials science, software development, automation engineering, and application expertise, which advance customers' fabrication capabilities to help them build a better world. Headquartered in Cleveland, Ohio, Lincoln Electric is a $4.2B publicly traded company (NASDAQ:LECO) with over 11,000 employees around the world, with operations in 71 manufacturing and automation system integration locations across 21 countries and maintains a worldwide network of distributors and sales offices serving customers in over 160 countries.

 

 Location: Remote - Virginia - Cleveland, OH, United States (US)
Employment Status: Salary Full-Time
Function: Information Technology
Req ID: 25352 

 

 

PURPOSE: The Technical Lead - IT Compliance will be responsible for ensuring that our company's IT systems, processes and information assets are protected in accordance with all relevant regulations and standards, such as SOX, NIST, CMMC, GDPR, ISO, AND TISAX. This role involves providing technical leadership and expertise on compliance initiatives, conducting audits and assessments, responding to cybersecurity questionnaires, supporting IT team members and mentoring IT GRC analysts.  This role is part a team of GRC professionals, collaborates with cross-functional teams, and implements robust strategies to maintain and enhance our compliance posture.

 

DUTIES AND RESPONSIBILITIES:

Cross-Functional Collaboration

  • Work closely with enterprise technology, risk management, cybersecurity, and business teams to integrate compliance practices and align with industry standards.
  • Collaborate with stakeholders across the organization to ensure a clear understanding of compliance requirements and alignment with business goals.
  • Establish and maintain strong relationship with stakeholders across technology, compliance, cybersecurity, audit, HR and third-party vendors.
  • Work with internal/external auditors, regulators, business stakeholders and other functional areas such as Legal, Compliance and HR.
  • Provide guidance and support to other members of the IT team on compliance-related issues.

Compliance Frameworks and Process

  • Maintain and enhance compliance assessment toolkits for testing and validation
  • Play a critical role in leading the development, implementation, and maintenance of comprehensive GRC strategies aligned with CMMC, SOX, ISO 27001, and TISAX standards.
  • Provide technical expertise in GRC practices, focusing on CMMC, SOX, ISO 27001, and TISAX frameworks.
  • Develop, document, and implement IT compliance processes, procedures, and standards.
  • Stay up-to-date with changes in regulations, standards, and emerging regulatory requirements and ensure compliance.
  • Provide technical leadership for compliance projects.
  • Manage and maintain compliance-related documentation and records.    
  • Serve as a subject matter expert (SME) for GRC-related matters, guiding the team and organization in compliance best practices.
  •  Drive continuous improvement initiatives to enhance the efficiency and effectiveness of compliance processes and controls.
  •  Leverage automation and technology to streamline compliance activities and reporting.

 

Audits and Assessments

  • Conduct regular audits and assessments to verify compliance with all applicable regulations and standards.
  • Regularly assess and update the organization's compliance programs, policies, and procedures to meet changing regulatory landscapes.
  • Conduct regular risk assessments to identify potential compliance vulnerabilities and gaps.
  • Develop and implement risk mitigation plans to address identified issues and minimize exposure to compliance risks.
  • Collaborate with internal audit teams to support compliance audits and assessments.
  • Oversee the response process for customer cybersecurity inquiries, vendor questionnaires and compliance questionnaires.
  • Develop and deliver relevant KPIs and metrics for management consumption.
  • Evaluate security controls and identify opportunities for improvement and communicate recommendations.
  • Identify and implement improvements to increase efficiency of the compliance program and processes.
  • Collaborate with the Lead, IT Policy and Security Awareness to develop and deliver training programs on IT compliance for employees across the organization.
  • Other duties as assigned

 

BASIC REQUIREMENTS

  • Bachelor's degree in Computer Science, Information Security, or related field is preferred.
  • 5+ years of experience in IT compliance, with experience in SOX, NIST, CMMC, GDPR, and ISO.
  • Strong knowledge of relevant regulations and standards, such as SOX, NIST, CMMC, GDPR, ISO and TISAX.
  • Must be a US Citizen and currently working in the United States
  • Strong understanding of IT and cybersecurity principles, risk management, and compliance best practices.
  • Proven track record of leading and managing GRC initiatives and teams.
  • Experience developing and implementing IT compliance programs, processes, procedures, and standards.
  • Wide-ranging knowledge in technical infrastructure and applications, from legacy through next generation.
  • Proficient understanding of business focus and processes and the ability to inject cybersecurity compliance into the business through teamwork and influence.
  • Ability to maintain a high level of integrity, trustworthiness and confidence to represent the company and security leadership with the highest level of professionalism.
  • Excellent project management, personal and organizational skills.
  • Excellent communication and interpersonal skills.
  • Ability to work independently and as part of a team.
  • Strong analytical and critical thinking skills.
  • Strong collaboration skills.
  • Robust ability to take the initiative to stay current, do research, self-educate
  • Strong results orientation
  • CISA, CGRC, CRISC, CIPP, CGEIT, or CISSP are required.
  • Familiarity with relevant compliance management software and tools.
  • Detail-oriented with a commitment to accuracy and data integrity.

 

Lincoln Electric is an Equal Opportunity Employer. We are committed to promoting equal employment opportunity for applicants, without regard to their race, color, national origin, religion, sex (including pregnancy, childbirth, or related medical conditions, including, but not limited to, lactation), sexual orientation, gender identity, age, veteran status, disability, genetic information, and any other category protected by federal, state, or local law.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0

Tags: Audits Automation CGRC CIPP CISA CISSP CMMC Compliance Computer Science CRISC GDPR Governance ISO 27001 KPIs NIST Risk assessment Risk management SOX TISAX Vulnerabilities

Perks/benefits: Career development Health care

Region: North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.