Director, Global Cybersecurity - Governance, Risk, Compliance & Identity
Donaldson · Bloomington, MN · 1 wk ago
Information Technology$158k–$211k/yrFull-time
Key Responsibilities
- Integrate GRC, IAM, and OT security into a unified cybersecurity risk model
- Support M&A due diligence and integration from a cybersecurity and compliance perspective
- Develop, mentor, and retain a high-performing security operations organization, including hiring strategy, succession planning, performance management, and a culture of accountability and learning
- Establish and maintain cybersecurity KPIs, KRIs, and dashboards
- Advise leadership on risk, investment priorities, and regulatory exposure
- Drive continuous improvement of the enterprise control environment
- Governance, Risk & Compliance: Direct leadership of the global GRC organization, including governance, risk management, compliance, and audit functions
- Define and mature enterprise cybersecurity governance frameworks, policies, and standards
- Establish an integrated risk management program spanning IT, OT, cloud, and third parties
- Own regulatory, legal, and customer-driven compliance programs (e.g., SOX, GDPR, CMMC, and TISAX)
- Oversee audits, regulatory engagements, and customer security assessments
- Deliver cyber risk reporting and board-facing materials
- Identity & Access Management: Provide strategic oversight of the IAM/ICAM function, including identity lifecycle, access governance, and privileged access using SailPoint ISC as the core platform, powered by ServiceNow and other technologies
- Align IAM capabilities with Zero Trust architecture and security strategy
- Drive identity risk through metrics, reporting, and control effectiveness
- Partner with IAM leadership to ensure scalable, compliant identity services across global operations
- Define, implement, and operate the use and impact of GenAI within IAM landscape along with use of GenAI in the ecosystem
- Operational Technology (OT) Security: Provide strategic oversight of OT cybersecurity strategy and governance across manufacturing, labs, and ICS environments
- Apply consistent security controls and risk management practices across plants and lab environments
- Partner with OT and manufacturing & technical leaders to embed security into system lifecycle and operations
- Align OT security with regulatory, safety, and business continuity requirements
Minimum Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Risk Management, or related field
- 10+ years of progressive experience in cybersecurity, GRC, or identity management
- Experience managing budgets and vendors, building multi-year roadmaps, and delivering measurable outcomes through program and portfolio management
- Proven experience leading enterprise GRC functions
- Strong working knowledge of NIST CSF, NIST 800-53, ISO 27001, and SOC frameworks
- Experience with global regulatory and compliance programs (such as SOX, GDPR, PCI DSS, CMMC, TISAX)
- Experience collaborating with IAM and/or OT security leadership in large-scale environments
- Demonstrated experience operating in complex, global organizations
Preferred Qualifications
- Experience in global manufacturing, lab environment, or OT-intensive environments
- Familiarity with Zero Trust, cloud security, and AI governance frameworks
- Strong communication and board-level presentation capabilities
- Proven ability to influence across matrixed IT, security, and business teams