Senior IT Compliance Manager

What you will do

We are seeking a highly skilled and detail-oriented Senior IT Compliance Manager to join our Global Cybersecurity Governance, Risk, and Compliance (GRC) team. In this strategic role, you will lead the execution and continuous improvement of our global compliance program, ensuring alignment with business objectives and evolving regulatory requirements.

As a senior member of the Compliance function, you will serve as a subject matter expert, mentor junior team members, and collaborate with senior stakeholders across the organization to embed compliance into core business processes. This is an excellent opportunity for a results-driven professional who thrives in complex, fast-paced environments and is passionate about fostering a culture of integrity, accountability, and proactive risk management.

How you will do it

• Lead and manage internal and external audit engagements, ensuring timely evidence collection, issue remediation, and executive-level reporting.

• Design and oversee the compliance review and control testing program to evaluate adherence to regulatory requirements and internal policies.

• Develop and implement enterprise-wide compliance training initiatives to promote ethical behavior and regulatory awareness.

• Act as a strategic advisor to business units, offering expert guidance on complex compliance issues and regulatory interpretations.

• Oversee regulatory reporting processes, ensuring accuracy, timeliness, and compliance with evolving obligations.

• Own the governance and optimization of GRC platforms and tools, driving automation, scalability, and data integrity.

• Deliver executive dashboards and analytics that provide actionable insights into compliance posture, risk trends, and program effectiveness.

• Collaborate with Governance and Risk leaders to align compliance initiatives with broader GRC objectives and enterprise risk strategy.

What we look for

Required

• 6+ years of experience in Governance, Risk, Compliance (GRC), IT Audit, or Information Security, including 2+ years in a leadership or managerial role within an international organization.

• Proven track record in managing or leading GRC programs in complex, regulated environments.

• In-depth knowledge of regulatory frameworks and standards SOX and ISO 27001.

• Proficiency with GRC platforms (preferably AuditBoard).

• Strong analytical and problem-solving skills, with the ability to assess complex compliance challenges and develop effective solutions.

• Excellent communication and stakeholder management skills, with experience engaging senior leadership.

• Demonstrated ability to lead cross-functional initiatives and influence stakeholders without direct authority.

Preferred 

• CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CISSP (Certified Information System Security Professional) or similar industry certification.

• Experience working with frameworks NIST, and PCI-DSS.

Our culture

At Johnson Controls you’ll have the opportunity to work on some of the most exciting projects in today’s market. Our hardworking people empower us, and we believe in being part of a team that is open, collaborative, results-oriented, hardworking and above all fun. 

We believe that diversity and inclusion matter and make a difference. By embracing the true value of diversity and inclusion, getting comfortable with having crucial conversations, and valuing different perspectives, we will be one of the most desirable places to work. 

#LI-BB1

#LI-Hybrid