US IT Compliance Leader

About GlobalFoundries:

GlobalFoundries is a leading full-service semiconductor foundry providing a unique combination of design, development, and fabrication services to some of the world’s most inspired technology companies. With a global manufacturing footprint spanning three continents, GlobalFoundries makes possible the technologies and systems that transform industries and give customers the power to shape their markets. For more information, visit www.gf.com.

Summary of Role:
The United States IT Compliance Leader is responsible for achieving Information Technology compliance to US customer and regulatory requirements. This leader collaborates with senior leaders in IT, Government Affairs, Legal, and Product Security to define and implement IT policy, ensuring compliance to US requirements. In addition, this leader partners with key external stakeholders including US Government agencies and customers to align and communicate GF practices to requirements.
 

Essential responsibilities:
Ensures cybersecurity plans, controls, processes, standards, policies, and procedures are aligned to NIST 800-53 and overall US regulatory compliance

Leads GF’s Cybersecurity Model Certification (CMMC) program

Partners with Legal, Product Security, and IT to define, maintain, and implement policy to ensure US regulatory compliance (E.g. ITAR, DFARS, FedRAMP, Export Control)
Advise senior leadership on compliance trends, risks, and strategies.
Identify risks, report findings, and drive remediation efforts to address non-compliance issues.
Coordinate with internal and external auditors to provide evidence and ensure successful audit outcomes.

Serve as the primary IT point of contact for federal regulatory bodies, auditors, and compliance committees.
Stay informed about changes to federal regulations and industry standards, ensuring timely updates to policies and practices.

Recommend and implement process improvements to enhance compliance and reduce risks.

Preferred Qualifications:
Bachelor’s degree in Information Technology, Cybersecurity, Business Administration, or a related field.

Advanced certifications (e.g., CISSP, CISA, CISM, CRISC, CGEIT) are strongly preferred

8+ years of experience in IT compliance, IT audit, or related roles, preferably within a government or defense environment.

Deep knowledge of federal compliance frameworks, including NIST, FedRAMP, and ISO 27001.

Strong understanding of cybersecurity principles, IT systems, and data protection regulations.

Demonstrated ability to lead compliance efforts in a complex, regulated environment.

Exceptional analytical, problem-solving, and decision-making skills.

Effective communicator with experience presenting technical information to diverse audiences, including senior officials.
Active Secret or Top-Secret security clearance (or ability to obtain and maintain clearance).

Other Responsibilities:

Perform all activities in a safe and responsible manner and support all Environmental, Health, Safety & Security requirements and programs.

Expected Salary Range

The exact Salary will be determined based on qualifications, experience and location.

If you need a reasonable accommodation for any part of the employment process, please contact us by email at usaccommodations@gf.com and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address. 

An offer with GlobalFoundries is conditioned upon the successful completion of pre-employment conditions, as applicable, and subject to applicable laws and regulations. 

GlobalFoundries is fully committed to equal opportunity in the workplace and believes that cultural diversity within the company enhances its business potential. GlobalFoundries goal of excellence in business necessitates the attraction and retention of highly qualified people. Artificial barriers and stereotypic biases detract from this objective and may be illegally discriminatory. 

All policies and processes which pertain to employees including recruitment, selection, training, utilization, promotion, compensation, benefits, extracurricular programs, and termination are created and implemented without regard to age, ethnicity, ancestry, color, marital status, medical condition, mental or physical disability, national origin, race, religion, political and/or third-party affiliation, sex, sexual orientation, gender identity or expression, veteran status, or any other characteristic or category specified by local, state or federal law