Jobs · Information Technology · Minnesota

Director, Global Cybersecurity - Governance, Risk, Compliance & Identity

Donaldson · Bloomington, MN · 1 wk ago
Information Technology$158k–$211k/yrFull-time

Key Responsibilities

  • Integrate GRC, IAM, and OT security into a unified cybersecurity risk model
  • Support M&A due diligence and integration from a cybersecurity and compliance perspective
  • Develop, mentor, and retain a high-performing security operations organization, including hiring strategy, succession planning, performance management, and a culture of accountability and learning
  • Establish and maintain cybersecurity KPIs, KRIs, and dashboards
  • Advise leadership on risk, investment priorities, and regulatory exposure
  • Drive continuous improvement of the enterprise control environment
  • Governance, Risk & Compliance: Direct leadership of the global GRC organization, including governance, risk management, compliance, and audit functions
  • Define and mature enterprise cybersecurity governance frameworks, policies, and standards
  • Establish an integrated risk management program spanning IT, OT, cloud, and third parties
  • Own regulatory, legal, and customer-driven compliance programs (e.g., SOX, GDPR, CMMC, and TISAX)
  • Oversee audits, regulatory engagements, and customer security assessments
  • Deliver cyber risk reporting and board-facing materials
  • Identity & Access Management: Provide strategic oversight of the IAM/ICAM function, including identity lifecycle, access governance, and privileged access using SailPoint ISC as the core platform, powered by ServiceNow and other technologies
  • Align IAM capabilities with Zero Trust architecture and security strategy
  • Drive identity risk through metrics, reporting, and control effectiveness
  • Partner with IAM leadership to ensure scalable, compliant identity services across global operations
  • Define, implement, and operate the use and impact of GenAI within IAM landscape along with use of GenAI in the ecosystem
  • Operational Technology (OT) Security: Provide strategic oversight of OT cybersecurity strategy and governance across manufacturing, labs, and ICS environments
  • Apply consistent security controls and risk management practices across plants and lab environments
  • Partner with OT and manufacturing & technical leaders to embed security into system lifecycle and operations
  • Align OT security with regulatory, safety, and business continuity requirements

Minimum Qualifications

  • Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Risk Management, or related field
  • 10+ years of progressive experience in cybersecurity, GRC, or identity management
  • Experience managing budgets and vendors, building multi-year roadmaps, and delivering measurable outcomes through program and portfolio management
  • Proven experience leading enterprise GRC functions
  • Strong working knowledge of NIST CSF, NIST 800-53, ISO 27001, and SOC frameworks
  • Experience with global regulatory and compliance programs (such as SOX, GDPR, PCI DSS, CMMC, TISAX)
  • Experience collaborating with IAM and/or OT security leadership in large-scale environments
  • Demonstrated experience operating in complex, global organizations

Preferred Qualifications

  • Experience in global manufacturing, lab environment, or OT-intensive environments
  • Familiarity with Zero Trust, cloud security, and AI governance frameworks
  • Strong communication and board-level presentation capabilities
  • Proven ability to influence across matrixed IT, security, and business teams

Similar jobs