
Compliance and Risk Manager
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in Ohio.
β’ Designing, executing, and consistently enhancing Hexion's information security compliance and enterprise risk management initiatives.
β’ Overseeing Hexion's ISO 27001 Information Security Management System (ISMS) along with associated cloud-specific extensions.
β’ Leading Hexion's SOC 2 compliance initiative.
β’ Implementing the CIS Controls as the foundational security framework for the enterprise.
β’ Maintaining expertise in NIST 800-53 and integrating it into enterprise risk governance.
β’ Managing the internal controls assurance program.
β’ Bachelorβs degree in Information Security, Computer Science, Business Administration, or a related discipline (Master's degree preferred).
β’ Over 7 years of progressive experience in information security compliance, GRC, or risk management positions.
β’ Proven, hands-on experience in managing ISO 27001 certification programs.
β’ Extensive knowledge of ISO 27017 and ISO 27018 cloud security and privacy controls.
β’ Practical experience with SOC 2 Type II compliance.
β’ Proficient in CIS Controls (IG1 and IG2).
β’ Familiarity with NIST 800-53 control families and the NIST Risk Management Framework.
β’ Experience in operating enterprise risk management programs.
β’ Strong written communication skills.
β’ Remote-first position.
β’ Occasional travel to manufacturing facilities, partner locations, and engagements with auditors or certification bodies.
Humana
Horace Mann
Insitu Inc
Affirm
Get handpicked remote jobs straight to your inbox weekly.