Director, Cybersecurity Governance, Risk, and Compliance (GRC)

Proven to Perform.
From the edges of space to the bottoms of ocean, our materials are proven to perform -- and so is our team. We're hiring high performers as proven as our products. Join us.

ATI is seeking a knowledgeable Cybersecurity professional to join our organization as the Director of Cybersecurity Governance, Risk, and Compliance (GRC) as we continue to grow our team. As a leader in the Cybersecurity organization, this individual will work proactively with internal and external stakeholders, including auditors, executives, and project teams, to document and implement practices that meet ATI's defined policies, standards, and procedures. This role requires a strategic thinker who can align cybersecurity initiatives with overall business objectives.

The successful candidate will be a passionate people leader who has familiarity and an appreciation of the field’s concepts, standards, and frameworks, as well as a solid digital technology skillset. The director will also play a significant role in helping to influence the organization at all levels to effect change in the way the organization thinks about cybersecurity. Ideally this person will sit at our Enterprise Resource Center located in Pittsburgh, PA, or our Corporate Headquarters in Dallas, TX.

• Provide operational oversight and serve as the leadership point of contact for the Cybersecurity Governance, Risk, and Compliance team. Manage, mentor, coach, and train cybersecurity staff.
• Manage internal and external vendors and teams conducting security assessments. Proactively gather evidence from key stakeholders prior to external assessments and automate attestations when possible.

• Manage and continuously improve an effective cybersecurity awareness program for all of ATI.
• Develop and deliver briefings, reports, dashboards, and metrics for various levels of management and leadership. Maintain responsibility for deadlines and provide analytical support for budgets in managed area.

• Continuously evaluate cybersecurity controls to ensure effectiveness, compliance and adherence to key controls and policies.
• Work with stakeholders across Cybersecurity, Internal Audit, Digital Technology, and the business to collaborate and execute cybersecurity standards and requirements.
• Manage and ensure proper documentation of technical and non-technical risk and vulnerability assessments of digital technology.
• Provide technical advisory services to business and technology teams concerning cybersecurity compliance, controls, and measurement. Identify areas for improvement and assist in the development of solutions.

#LI-Hybrid

Basic Qualifications:

• At least five (5) years of experience in a leadership role, performing risk and vulnerability management and implementing cybersecurity frameworks, such as NIST and CMMC.
• At least three (3) years of experience with risk management frameworks and implementation, as well as vulnerability analysis and metrics. High School Diploma or GED required.
• Must be eligible to obtain a security clearance.

Preferred Qualifications (in addition to Basic Qualifications):

• Bachelor's Degree in Cybersecurity, Information Systems, Computer Science, Engineering, or related discipline. Prior experience working in a manufacturing or industrial business environment.
• Industry standard certification in cybersecurity (OSCP, CISSP, CISA, etc.). Experience with third party and supply chain risk.

• Applied knowledge in:
• Cybersecurity concepts and technical implementations Cybersecurity standards, policies, and frameworks Cybersecurity risk management
• Common risk and cybersecurity assessment methods Cybersecurity laws, regulations, and standards
• Understanding of information technology, and cybersecurity compliance assessment methods.
• Working knowledge of network interoperability, cybersecurity, and survivability issues, including cybersecurity best practices and standards. Ability to communicate effectively across various levels and organizational lines.
• Reasoning and problem-solving skills.
• Ability to work independently with limited supervision.

*It is ATI's policy to not provide immigration sponsorship for any of the company's positions.
ATI and its subsidiary companies will provide equal employment opportunities to all applicants without regard to applicant's race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, veteran status, disability status, or any other status protected be federal or state law. The company will provide reasonable accommodations to allow an applicant to participate in the hiring process if so requested.