Technical Lead II, Governance Risk and Compliance
VA, US
Full Time Senior-level / Expert USD 115K - 156K
Lincoln Electric
Lincoln Electric is the world leader in the engineering, design, and manufacturing of advanced arc welding solutions, automated joining, assembly and cutting systems, plasma and oxy-fuel cutting equipment, and has a leading global position in brazing and soldering alloys. Lincoln is recognized as the Welding Expert™ for its leading materials science, software development, automation engineering, and application expertise, which advance customers' fabrication capabilities to help them build a better world. Headquartered in Cleveland, Ohio, Lincoln Electric is a $4.2B publicly traded company (NASDAQ:LECO) with over 12,000 employees around the world, with operations in 71 manufacturing and automation system integration locations across 21 countries, and maintains a worldwide network of distributors and sales offices serving customers in over 160 countries.
Location: Remote - Virginia
Employment Status: Salary Full-Time
Function: Information Technology
Pay Range: ($115,804.00 - $156,676.00)
Target Bonus: 25.0%
Req ID: 25802
Job Responsibilities
PURPOSE: The Technical Lead II - IT Governance, Risk and Compliance will be responsible for ensuring that our company's IT systems, processes and information assets are protected in accordance with all relevant regulations and standards, such as SOX, NIST, CMMC, GDPR, ISO, and TISAX. This role is part of a team of GRC professionals, collaborates with cross-functional teams, and implements robust strategies to maintain and enhance our compliance posture.
• Work closely with enterprise technology, risk management, cybersecurity, and business teams to integrate compliance practices and align with industry standards.
• Collaborate with stakeholders across the organization to ensure a clear understanding of compliance requirements and alignment with business goals.
• Establish and maintain strong relationships with stakeholders across technology, compliance, cybersecurity, audit, HR and third-party vendors.
• Work with internal/external auditors, regulators, business stakeholders and other functional areas such as Legal, Compliance and HR.
• Provide guidance and support to other members of the IT team on compliance-related issues.
• Lead the development, implementation, and maintenance of comprehensive GRC strategies aligned with CMMC, SOX, ISO 27001, and TISAX standards.
• Maintain and enhance compliance assessment toolkits for testing and validation.
• Develop, document, and implement IT compliance processes, procedures, and standards.
• Stay up-to-date with changes in regulations, standards, and emerging regulatory requirements and ensure compliance.
• Provide technical leadership for compliance / GRC projects.
• Manage and maintain compliance-related documentation and records.
• Provide technical expertise in GRC practices, focusing on CMMC, SOX, ISO 27001, and TISAX frameworks.
• Serve as a subject matter expert (SME) for GRC-related matters, guiding the team and organization in compliance best practices.
• Drive continuous improvement initiatives to enhance the efficiency and effectiveness of compliance processes and controls.
• Lead evaluation, selection and implementation of automation and technology to streamline compliance activities and reporting.
• Regularly assess and update the organization's compliance programs, policies, and procedures to meet changing regulatory landscapes.
• Conduct regular risk assessments to identify potential compliance vulnerabilities and gaps.
• Develop and implement risk mitigation plans to address identified issues and minimize exposure to compliance risks.
• Collaborate with internal audit teams to support compliance audits and assessments.
• Oversee the response process for customer cybersecurity inquiries, vendor questionnaires and compliance questionnaires.
• Develop and deliver relevant KPIs and metrics for management consumption.
• Evaluate security controls and identify opportunities for improvement and communicate recommendations.
• Identify and implement improvements to increase efficiency of the compliance program and processes.
• Collaborate with the Lead, IT Policy and Security Awareness to develop and deliver training programs on IT compliance for employees across the organization.
• Other duties as assigned.
Job Requirements
• Bachelor's degree in Computer Science, Information Security, or related field is preferred.
• 7+ years of experience in IT compliance, with experience in SOX, NIST, CMMC, GDPR, and ISO.
• Strong knowledge of relevant regulations and standards, such as SOX, NIST, CMMC, GDPR, ISO and TISAX.
• Must be a US Citizen and currently working in the United States.
• Strong understanding of IT and cybersecurity principles, risk management, and compliance best practices.
• Proven track record of leading and managing GRC initiatives and teams.
• Experience developing and implementing IT compliance programs, processes, procedures, and standards.
• Wide-ranging knowledge in technical infrastructure and applications, from legacy through next generation.
• Proficient understanding of business focus and processes and the ability to inject cybersecurity compliance into the business through teamwork and influence.
• Ability to maintain a high level of integrity, trustworthiness and confidence to represent the company and security leadership with the highest level of professionalism.
• Excellent project management, personal and organizational skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
Lincoln Electric is an Equal Opportunity Employer. We are committed to promoting equal employment opportunity for applicants, without regard to their race, color, national origin, religion, sex (including pregnancy, childbirth, or related medical conditions, including, but not limited to, lactation), sexual orientation, gender identity, age, veteran status, disability, genetic information, and any other category protected by federal, state, or local law.
Tags: Audits Automation CMMC Compliance Computer Science GDPR Governance ISO 27001 KPIs NIST Risk assessment Risk management SOX TISAX Vulnerabilities
Perks/benefits: Career development Health care