Manager, Governance, Risk & Compliance
US NC Silicon Drive Building 17, United States
Wolfspeed
Wolfspeed is leading the adoption of silicon carbide (SiC) technologies by providing solutions for efficient energy and a sustainable future. At Wolfspeed, we do amazing things in a human way.
We know that the achievements of our organization are due to the passion, hard work and creativity of our employees. We celebrate different perspectives to foster excellence across our organization, and our goal is to make diversity a foundation of what we do. We are proudly building an environment where you can bring your authentic self to work.
- Enjoy doing things that people say can’t be done? Innovation is at the center of everything we do.
- Hate red tape? We remove roadblocks instead of creating them.
- Working parent? We provide childcare assistance and paid parental leave.
- Student? We offer continuing education assistance.
- Looking for community? There are many ways to get involved, from Employee Resource Groups to local outreach.
Here’s the Gist:
Wolfspeed's Governance Risk & Compliance (GRC) Team is part of the Cybersecurity organization within IT. As part of the CISO’s cybersecurity organization, the GRC team is responsible for managing IT security controls for SOX and other non-regulatory control frameworks. GRC also establishes and promotes security policy and standards throughout the company, conducts vendor/supply chain security risk assessments, and manages IT risk exceptions.
The Day-to-Day:
- Understanding and applying cybersecurity frameworks and standards (e.g., NIST CSF) and assessing financial, operational, and regulatory risks as they relate to the use of information technology.
- Understanding the business processes, internal control risk management, and IT general controls (ITGCs) to be able to test applications, operating systems, and databases for SOX compliance.
- Managing a team that drives SOX and non-regulatory compliance programs, creation and management of Cybersecurity Policies and Standards, the Third-party Risk Management program, Exception Management, and Cybersecurity Communications & Training.
- Serving as a liaison to internal and external auditors to oversee the IT portion of security control testing and following up and/or escalating as necessary.
This Job is Right for You if You Have (Minimum Requirements):
We are looking for intelligent, driven individuals who are passionate about what they do and have exceptional teamwork skills. In particular, we're looking for candidates with:
- Bachelor’s degree preferred or equivalent work experience
- 8+ years experience in IT Audit, IT Risk management, IT Compliance, or Cybersecurity Consulting
- Strong experience with Governance, Risk and Compliance for controls and policy, IT Control self-assessment and measurement, remediation and exception management, reporting and advanced IT risk evaluation and compliance dashboard
- Strong experience with general Cybersecurity programs, CISSP a plus
- Technology experience with a variety of IT environments (e.g., multi-tenant cloud, on-premise data centers, SaaS integrations, etc.)
- In-depth knowledge of IT GRC platforms (e.g., RSA Archer, Auditboard)
- Project management experience
- 5+ years managing SOX and DFARS/NIST 800-171 programs and experience with other security frameworks. TISAX framework experience a plus.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Tags: Audits CISO CISSP Cloud Compliance DFARS Governance NIST Risk assessment Risk management RSA SaaS SOX TISAX
Perks/benefits: Career development Parental leave