Cybersecurity Governance, Risk, Compliance, Training & Resilience Manager

Aptiv plc

Location:
United States, Boston

Contract Type:
Not provided

Salary:

120000.00 - 180000.00 USD / Year

Job Description:

We are hiring a Manager to lead the day-to-day execution of cybersecurity Governance, Risk & Compliance (GRC) and enterprise resilience programs across both Wind River and Aptiv. This dual-entity role will serve as a key operational leader, ensuring regulatory compliance, audit readiness, risk tracking, and documentation integrity across multiple frameworks including ISO 27001, NIST 800-171, SOX, GDPR, FedRAMP, CMMC and TISAX. While the Director maintains strategic ownership of all four functional areas (GRC, TPRM, Training, and Resilience), this role will provide hands-on coverage for Wind River’s TPRM and Training efforts, working closely with the Aptiv TPRM & Training Manager to ensure continuity and alignment. In addition, this role will own GRC workstreams supporting OneAptiv integration, directly supporting Aptiv, Wind River, and other OneAptiv companies as needed, including TSA execution and M&A onboarding. This position is critical to stabilizing day-to-day operations and enabling long-term scalability across the enterprise.

Job Responsibility:

  • Lead execution of GRC programs across Aptiv and Wind River, including control maintenance, risk register updates, and audit readiness
  • Maintain documentation, controls, and audit-ready evidence for ISO 27001, NIST 800-171, TISAX, SOX, NIS2, CMMC and GDPR across both Aptiv and Wind River, incorporating new regulatory or customer requirements as they arise
  • Administer GRC tooling (ZenGRC, AuditBoard, ServiceNow), ensuring accuracy, auditability, and workflow continuity
  • Manage internal risk exceptions, maturity roadmaps, and control owners’ engagement
  • Provide daily operational support to maintain compliance posture and support regulatory assessments
  • Own documentation and execution for business impact assessments (BIAs), continuity planning, and tabletop exercises
  • Coordinate resilience planning with cross-functional partners including IT, Facilities, Cyber Defense, and Legal
  • Maintain continuity playbooks, incident response records, and recovery planning materials
  • Provide execution support for Wind River’s third-party risk assessments, evidence collection, and remediation tracking
  • Execute and drive enforcement of cybersecurity right-to-audit clauses with vendors and partners
  • Review and provide redlines on cybersecurity and compliance sections of both buy-side and sell-side contracts
  • Collaborate with the Aptiv TPRM Manager to align vendor risk governance across both companies
  • Help coordinate Wind River’s cybersecurity awareness campaigns, mandatory training compliance, and role-based content support
  • Lead evidence preparation and walkthroughs for external audits, customer assessments, and internal audit reviews
  • Maintain and update System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), and customer documentation requests
  • Coordinate audit response activities across control owners, internal SMEs, and external parties
  • Support cybersecurity onboarding and governance alignment for newly acquired companies
  • Assist with Transitional Services Agreements (TSA) by managing control design, evidence preparation, and GRC tooling integration
  • Track risks and compliance issues related to integration timelines, especially where inherited entities lack cybersecurity maturity
  • Support Director-led strategic initiatives through dependable execution and documentation follow-through
  • Work closely with Architecture, Legal, Product Security, and external vendors to manage dependencies and unblock progress
  • Escalate capacity or clarity issues early to avoid unnecessary risk acceptance or execution gaps

Requirements:

  • 7–10+ years of cybersecurity risk, compliance, audit, or GRC program experience
  • Experience managing or contributing to ISO 27001, NIST 800-171, SOX, GDPR, or TISAX efforts
  • Proficiency with GRC platforms and internal controls execution
  • Strong writing and documentation skills
  • Must reside in the Greater Boston area, with the ability to be present on site at least 3 days per week
  • United States Citizenship required

Nice to have:

  • Experience working in a multi-entity environment or during M&A integration
  • Familiarity with SBOM, secure SDLC, vendor risk workflows, and cybersecurity awareness campaigns
  • CISA, CISSP, CISM, ISO Lead Auditor, or similar certification preferred
  • Strong stakeholder management and execution discipline across matrixed teams

What we offer:

  • Hybrid work model for workplace flexibility
  • Comprehensive health, dental, and life insurance
  • Short and long-term disability coverage
  • RRSP matching for financial security
  • Flexible time-off policies for work-life balance
  • Employee assistance program for mental well-being
  • Learning benefits, including a LinkedIn Learning subscription and seminars

Additional Information:

Job Posted:
February 19, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work

Similar Jobs for Cybersecurity Governance, Risk, Compliance, Training & Resilience Manager

Vice President - Information Technology and Cyber Risk Management

The Vice President, Information Technology and Cyber Risk Management (ITCRM) pos...
Location:
United States Of America, NEW YORK NY OR ISELIN NJ
Salary:
150000.00 - 185000.00 USD / Year
Crédit Agricole
Expiration Date:
Until further notice
Requirements
  • College Degree BA/BS
  • 5+ years of experience with oversight responsibilities in Operational Risk, Information Technology, Cybersecurity and/or Operational Resilience within a 2nd Line of Defence function such as Risk Management or Compliance OR 8-15 years of experience in risk related functions such as 1st line Governance Risk, and Compliance (GRC) or 3rd Line Internal Audit functions focused on Information Technology, Cyber Security, and/or Operational Resilience
  • Certified in Risk and Information Systems Control (CRISC)
  • Regulatory experience
  • Detail-oriented, articulate, and possessing good communication skills
  • Excellent analytical skills
  • Resourceful in identifying, following up on, and resolving issues
  • Strong team spirit and work ethic
  • Strong written and verbal communication skills
  • Ability to collaborate across the organization and manage relationships
Job Responsibility
  • Oversee and provide effective challenge of First Line of Defence implementation of enterprise and operational risk management frameworks for ICT Risks
  • Monitor Key Risk, Key Performance, and Key Control Indicators for Information and Communications Technology across all business units, aggregate reporting to Risk Committees and escalate any breaches of established tolerances and thresholds
  • Support regulatory exams by preparing materials, responding to regulatory inquiries, and presenting on continuous monitoring sessions to regulators
  • Perform analysis on quarterly reports from various US operations and create consolidated quarterly risk reports on ICT Risk to be presented at various risk committees
  • Manage issues across the issue management lifecycle
  • Monitor regulatory rule changes and conduct training and awareness sessions as needed to business leaders across the 1st line
  • Collaborate with other Risk Management functions to identify top and emerging risks to ensure appropriate visibility of the evolving landscape within Information and Communications Technology
  • Fulltime

Global Chief Information Security Officer

The Global Chief Information Security Officer (GCISO) will lead Allied Universal...
Location:
United States, Irvine
Salary:
275000.00 - 350000.00 USD / Year
Allied Universal®
Expiration Date:
Until further notice
Requirements
  • Bachelor’s degree in computer science, Information Technology, cybersecurity, or a related field
  • Minimum of fifteen (15) years of progressive experience in cybersecurity
  • Minimum of seven (7) years in a senior management role in an information security function
  • Experience in managing, responding to, and mitigating cyber incidents
  • Experience or familiarity with government contracting and public and private company cybersecurity reporting requirements
  • Hands-on cyber incident response coordination and oversight experience
  • Expertise in risk-based frameworks (NIST CSF, ISO 27001, SOC 2, CMMC, NIST 800-171) and familiarity with applicable regulatory regimes (SEC, GDPR, state breach laws, etc.)
  • Proven ability to engage with CEO, Board of Directors, and Executive Team on cybersecurity strategy and governance
  • Ability to operate effectively as both strategist and practitioner, a player-coach who drives global cybersecurity direction while engaging hands-on to guide, mentor, and resolve complex technical and operational challenges
  • Strong leadership skills as well as the ability to work and communicate (verbal, written, and interpersonal) effectively with other leadership and their teams
Job Responsibility
  • Develop and execute a global, risk-based cybersecurity strategy and program aligned with Allied Universal’s business objectives
  • Establish, communicate, and oversee governance of enterprise-wide cybersecurity policies, standards, and controls that are appropriate for the company’s diverse global operations
  • Lead, mentor and manage Regional Cybersecurity Leaders to promote consistency, accountability, and operational effectiveness across all regions
  • Define and monitor key risk indicators, cybersecurity metrics, and maturity objectives to inform executive decision-making and drive ongoing program improvement
  • Oversee global monitoring, detection, and response capabilities that provide 24×7 visibility into potential cyber risks and support timely containment activities
  • Identify and assess emerging threats, technologies, and vulnerabilities to support informed planning and risk mitigation efforts
  • Provide recommendations regarding cybersecurity investments and resource allocation, helping prioritize efforts based on risk, business impact, and value
  • Foster a culture of cybersecurity awareness, ownership, and accountability across all functions and geographies
  • Coordinate, develop, and implement programs designed to train Allied Universal’s workforce regarding the company’s cybersecurity requirements, including applicable cybersecurity laws and requirements and responding to evolving cybersecurity threats
  • Evaluate emerging threats and vulnerabilities, driving continuous improvement of the company’s cybersecurity posture as appropriate
What we offer
  • Medical, dental, vision, supplemental income plan with a company match, basic life, AD&D, and disability insurance
  • Eight paid holidays annually, five sick days, and four personal days
  • Executive Flex Vacation Plan
  • annual bonus, equity package
  • Fulltime

Security GRC Analyst

Juni is seeking a Security GRC (Governance, Risk, and Compliance) Analyst to pla...
Location:
Sweden, Stockholm; Gothenburg
Salary:
Not provided
Juni
Expiration Date:
Until further notice
Requirements
  • 2 to 4 years of experience in information security governance, risk, or compliance roles
  • Demonstrated experience with compliance frameworks and regulations (e.g., PCI DSS, ISO 27001, GDPR, PSD2, EBA outsourcing and DORA)
  • Degree in Cybersecurity or Information Systems or similar
  • Knowledge of security frameworks (e.g., CIS Controls, NIST CSF)
  • Solid understanding of risk assessment methodologies and hands-on experience with risk registers and third-party risk management
  • Experience in coordinating activities for security certifications and audits
  • Ability to develop and track security metrics (KPIs)
  • Strong analytical, problem-solving, and organisational skills
  • Excellent communication skills, comfortable presenting to various stakeholders
  • A proactive and independent worker who is also a strong team player
Job Responsibility
  • Maintain and update core security documentation, including policies, procedures, and instructions, ensuring they remain current and relevant
  • Identify, collect, and analyse data to track key security performance indicators (KPIs) and metrics, generating reports and dashboards to communicate security performance to stakeholders
  • Maintain the risk register and support daily risk management activities with growing independence
  • Follow up on the remediation of risks identified in new projects, third-party engagements, and other business initiatives
  • Conduct thorough security posture assessments of new vendors and perform periodic reviews of existing ones
  • Support our 3rd party procurement process
  • Monitor the implementation and effectiveness of security controls across the organisation
  • Coordinate and support activities to maintain key security certifications, including PCI-DSS and ISO 27001
  • Coordinate and support the implementation of remediation plans to address identified compliance gaps
  • Provide support in responding to security-related questions during partner due diligence and assist in providing necessary information for cyber insurance renewals
What we offer
  • Work hybrid
  • Meet all Junis IRL at the company onsite each year
  • Diversity is at our core
  • Progress your career whether you choose to manage people or not
  • Stock options
  • Vacation 30 days
  • Private Health insurance
  • Beautiful offices in central Gothenburg and Stockholm, front row sea view
  • Fulltime

Director of Information Security

Join Brandeis University as Director of Information Security. Brandeis Universit...
Location:
United States, Waltham
Salary:
160000.00 - 174800.00 USD / Year
Brandeis University
Expiration Date:
Until further notice
Requirements
  • Bachelor’s degree required
  • Master’s preferred
  • 8+ years of information security experience
  • 3–5 years in supervisory roles
  • Expertise in cybersecurity frameworks (NIST, CIS), compliance requirements, risk management, and incident response
  • Strong communication and collaboration skills across technical and non-technical stakeholders
  • Discretion, sound judgment, and the ability to balance mission and security priorities
Job Responsibility
  • Lead the Information Security Program: Develop, implement, and manage policies, governance, and risk management programs that protect the university’s digital assets and data
  • Drive Cybersecurity Operations & Resilience: Monitor threats, manage vulnerabilities, and oversee incident response and business continuity planning
  • Ensure Compliance & Vendor Security: Support regulatory adherence (FERPA, GLBA, federal research mandates) and manage third-party risk assessments
  • Engage Campus Partners: Advise leadership, faculty, researchers, and staff on security risks, emerging threats, and mitigation strategies
  • Promote Security Awareness: Build a culture of cybersecurity through training, outreach, and community engagement
  • Fulltime

Cyber Security Governance Specialist

Are you looking for a new challenge? Fancy helping us shape the future of motor ...
Location:
Italy, Milan
Salary:
Not provided
Prima
Expiration Date:
Until further notice
Requirements
  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams
Job Responsibility
  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics
What we offer
  • Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both
  • Grow with us: We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you
  • Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support
  • Fulltime

Cyber Security Governance Specialist

Are you looking for a new challenge? Fancy helping us shape the future of motor ...
Location:
Spain, Madrid
Salary:
Not provided
Prima
Expiration Date:
Until further notice
Requirements
  • 2+ years of experience in cybersecurity governance, risk, compliance, or security assurance roles, either in-house or within a consulting environment, preferably in regulated or complex organisational contexts
  • Proven knowledge of major cybersecurity frameworks (e.g., ISO/IEC 27001, NIST CSF) and regulatory landscapes (GDPR, DORA)
  • Proven experience in developing policies, conducting gap analyses, audit activities and defining remediation plans
  • Familiarity with Business Continuity Management (BCM) and IT Disaster Recovery (DR) concepts, including participation in Business Impact Analyses (BIA), critical asset dependency mapping, definition of RTOs and RPOs and Disaster Recovery tests or exercises
  • Strong English communication skills, with the ability to collaborate effectively with multidisciplinary teams
Job Responsibility
  • Contribute to the definition, implementation, and continuous improvement of the cybersecurity governance framework, including policies, procedures, and controls aligned with international standards and regulatory requirements (e.g. ISO/IEC 27001, NIST CSF, COBIT, GDPR, DORA)
  • Perform security audits, gap analyses, and cyber risk assessments, identifying remediation actions and supporting their execution with relevant stakeholders
  • Participate in third-party security and resilience assessments
  • Support Business Continuity Management (BCM) and IT Disaster Recovery (DR) activities, contributing to Business Impact Analyses (BIA) activities, critical asset dependency mapping, the definition and maintenance of Recovery Time and Recovery Point Objectives (RTOs/RPOs) and participation in business continuity and IT Disaster Recovery tests and exercises (e.g. tabletop simulations)
  • Support cybersecurity awareness initiatives, training programs, and onboarding activities related to security topics
What we offer
  • Work from home, the office or a mix of both
  • work from anywhere for up to 30 days a year
  • access to learning resources, mentorship and a growth plan tailored to you
  • private healthcare, gym discounts, wellbeing programs and mental health support
  • Fulltime

Senior Trust Analyst

The Trust Engagement team is a globally distributed group of Security and Risk p...
Location:
Poland, Gdańsk
Salary:
Not provided
Atlassian
Expiration Date:
Until further notice
Requirements
  • 7+ years experience working with customers across Security, Governance, Risk and Compliance domain areas
  • Expertise to lead discussions with decision makers about security and risk trade-offs
  • Direct customer-facing or consulting engagement experience
  • Success with customer, executive, or board member briefings on strategy, including impactful and effective presentations
  • Knowledge of security, compliance, and privacy frameworks & standards (e.g., GDPR, HIPAA, SOC2, ISO27001, NIST 800-53, PCI-DSS, C5, DORA, NIS2)
  • Experience working with Regulatory Compliance, Global Privacy Programs, Cloud Security or related functions
  • Familiarity with large-scale enterprise SaaS platforms and challenges across security, privacy and compliance related to customer trust
  • Experience with cybersecurity principles and controls, including their application in a SaaS context
  • Understanding infrastructure and delivery models of SaaS products
  • Proficient knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and their services
Job Responsibility
  • Represent Atlassian with our Strategic & Enterprise customers to manage trust-related questions and concerns for customer acquisition, customer migration, and long term customer retention
  • Be accountable for engaging in a variety of Atlassian customer facing initiatives. Your primary focus will involve helping our customers gain an understanding of Atlassian’s commitment to Trust by articulating our Security practices, Compliance posture, Privacy measures, Resilience efforts and Anti-Abuse program
  • Manage complex customer security reviews & audits
  • Support Atlassian’s legal teams in negotiating security and compliance terms & exhibits for Atlassian Customer Agreements
  • Represent the Voice of the Customer by identifying deal blockers and friction points to influence Security, Product & Engineering strategy in meeting customer expectations
  • Drive customer facing Trust collateral by publishing publicly facing materials, presentations, white papers
  • Provide security, compliance, and privacy education and training to internal partner teams in Sales, Product Marketing, Legal, etc.
  • Mentor team through technical leadership and knowledge sharing.
What we offer
  • Health and wellbeing resources
  • Paid volunteer days
  • Wide range of perks and benefits designed to support you and your family.

Sr. Director, ERP Platforms

The Sr. Director, ERP & Supply Chain Optimization will lead the transformation o...
Location:
United States, Philadelphia
Salary:
Not provided
Aramark
Expiration Date:
Until further notice
Requirements
  • Proven track record leading enterprise ERP transformations alongside multi-site WMS implementations
  • Strong knowledge of supply chain logistics, distribution center operations, and inventory management
  • Experience embedding AI/ML into ERP or supply chain solutions to drive automation and insights
  • Cloud-first mindset with experience in SaaS ERP, cloud integrations, and hybrid architecture
  • Demonstrated ability to lead complex, cross-functional programs with measurable financial and operational impact
  • Excellent communication and change management skills; proven success driving adoption across distributed teams
  • Bachelor’s degree in Supply Chain, Information Systems, or related field required; advanced degree preferred
  • Experience establishing governance, risk, and compliance controls (e.g., SOX) for supply chain systems
Job Responsibility
  • Lead enterprise ERP due diligence, vendor evaluation, and roadmap development, with a predisposition toward Oracle solutions
  • Drive ERP–WMS program delivery across supply chain, finance, and operations, ensuring long-term scalability and efficiency
  • Apply AI and advanced analytics in ERP/WMS processes (demand planning, anomaly detection, prescriptive inventory management)
  • Leverage cloud-first technologies to improve scalability, resiliency, and speed-to-value in ERP and supply chain execution
  • Own the multi-site WMS roadmap and rollout across three DCs
  • Design and implement ERP/WMS capabilities spanning receiving, putaway, replenishment, picking, packing, shipping, returns, and inventory control
  • Oversee integrations across ERP, TMS, WES/automation, RF devices, labeling, and reporting; enforce master-data governance
  • Establish governance, risk, and compliance controls (SOX, cybersecurity, data quality) for ERP and supply chain platforms
  • Partner with finance, operations, and IT executives to align priorities and accelerate delivery of measurable outcomes
  • Fulltime