The Mosaic Company
Manager, IT Cybersecurity (Governance, Risk and Compliance)
Tampa, FL
Jan 14, 2025
Full-time
Full Job Description

The Manager, Global Cybersecurity will be responsible for leading and managing the Mosaic Governance, Risk, and Compliance team. A governance, risk, and compliance (GRC) manager serves as the subject matter expert for companywide GRC initiatives, collaborating closely with Internal Audit, Enterprise Risk Management, and other cybersecurity leaders. This role encompasses the development, implementation, and ongoing coordination of enterprise GRC efforts. The GRC manager is responsible for overseeing enterprise-wide cybersecurity risks, including both Information Technology (IT) and Operational Technology (OT), and for conducting risk analyses and evaluating mitigation options, while regularly tracking and reporting to executive leadership. In addition, the manager accepts duties to enforce GRC rigor globally for enterprise-wide obligations. This role also involves implementing and advancing policies and a comprehensive control framework to execute the GRC strategy. The GRC manager oversees the administration of standards and controls, risk management, third-party risk, security awareness initiatives, IT business continuity and disaster recovery, baseline security controls, and technology compliance initiatives.
This position requires a deep understanding of relevant regulations, risk management methodologies, technical controls, and a proactive approach to addressing both operational and strategic risks. The GRC manager collaborates with a cross-functional team of GRC analysts to evaluate controls, map them to key performance indicators, measure effectiveness and produce timely reports for management. These reports are essential for identifying, evaluating, and reporting on cybersecurity risks that may impact the business, ensuring informed decision-making. Strong business acumen and a diverse technical background are crucial for understanding emerging technologies and legacy systems considered business critical. The GRC manager reports to the Director, IT Cybersecurity.

What will you do?

  • Lead organization-wide GRC initiatives in partnership with risk management and cybersecurity teams. Oversee all GRC activities and coordinate closely with corporate risk management. Serve as a subject matter expert and trusted advisor for leadership on daily GRC matters. Serve as the primary contact for responding to business unit inquiries regarding IT compliance. Maintain a strategic and comprehensive GRC program that includes policies, standards, processes, and guidelines. Oversee third-party and vendor risk as an integral part of the organization’s risk management strategy. Facilitate training programs to enhance risk and compliance awareness and educate employees.

  • Collaborate with IT, legal, finance and operations to develop a cohesive GRC program. Partner with business units during solutions onboarding to ensure adequate controls are in place and enabled. Provide guidance to team members to ensure compliance with relevant laws and regulations. Deliver GRC reports to management, emphasizing compliance status, risk exposure and mitigation efforts. Document GRC activities, policies, assessments, and corrective actions to ensure audit readiness. Motivate functional areas to implement practices that comply with cybersecurity policies and standards.

  • Conduct regular risk assessments, analyzing emerging risks across the organization. Coordinate with stakeholders to implement effective risk mitigation strategies. Document, communicate and enforce cybersecurity standards that balance risk with business operations. Oversee the protection of critical data through data classification, DLP and records retention requirements. Provide leadership in collaboration with technical and business teams to strengthen business resiliency. Oversee security systems and configuration administration to reduce risk to systems and accounts.

  • Implement process improvements using GRC tools and methodologies to drive productivity gains. Stay updated on regulatory changes and industry standards, such as ISO, NIST, GDPR, HITRUST and HIPAA. Cooperate with internal and external auditors to maintain and implement controls that meet GRC requirements. Appoint a team to monitor priority issues with rigorous documentation and reporting. Guide the team to align with security, audit, and risk management efforts in ongoing security program assessments. Travel regularly to site and office locations for critical initiatives, relationship building and team development.

What do you need for this role?

  • Bachelor's degree required, in Cybersecurity, Information Systems, Computer Science or related field.

  • CISM, CISA, CRISC, GGRC or CISSP certification desired

  • 7+ years of information technology experience, 5 of which include roles in security analysis, compliance, and risk management.

  • Demonstrated experience leading and developing a global, mostly remote team.

  • Experience working with third-party vendors and consultants.

  • Understanding of frameworks, regulations, and laws such as ISO, NIST, HIPAA, HITRUST, GDPR and LGPD.

  • Proficient in GRC tools for tracking and managing compliance, conducting risk assessments and reporting.

  • Knowledge of GRC for cloud computing, including validation of security configurations, resiliency and data protection.

  • Project management skills for working with stakeholders and completing projects on time and in scope.

  • Demonstrated experience conducting tabletop exercises to enhance business resiliency.

  • Excellent written and verbal communication skills for both business and cybersecurity contexts.

  • Commitment to sharing up-to-date industry knowledge with team to elevate overall GRC program expertise.

  • Experience working within blended IT and OT (operational technology)

  • Excellent verbal, written, listening and presentation communication skills

  • Ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding

  • Experienced in using knowledge to create value

  • Strong organizational and planning skills as well as attention to detail

  • Ability to handle highly confidential and sensitive information

  • Ability to effectively work and create effective partnerships with employees at all levels within the organization

  • Ability to anticipate and understand business strategies, objectives and priorities

  • Strong motivational leader that possesses a hands-on, lead by example approach

  • Strong interpersonal and teamwork skills

  • Ability to adapt to a continually changing business and work environment and manage multiple priorities

  • Demonstrated critical thinking and decision-making skills

  • Strong analysis and problem-solving skills

  • Ability to provide oversight across multiple initiatives or projects

    Job Information
    Job Category:
    Skilled Labor