Manager - IT Governance, Risk and Compliance

About us:  At Plexus, our vision is to help create the products that build a better world.  Driven by a passion for excellence, we partner with leading Aerospace/Defense, Healthcare/Life Sciences and Industrial companies to design, manufacture and service some of the world’s most transformative products, including advanced surgical systems, diagnostic instruments, healthcare imaging equipment, mission critical aerospace systems, and electric vehicle (EV) charging solutions. Visit Plexus.com to learn more about our unwavering commitment to our vision. 

When we invest in our people, we invest in building a better world. 

With a vision rooted in the wellbeing and inclusive engagement of our team members, our customers, their end users and our communities, people are the heart of what we do and who we are. It is our values that unite us and guide us in everything that we do, including how we operate, behave and interact to foster a workplace where every team member feels valued and empowered to contribute their best.  

Our values include: Growing our People, Building Belonging, Innovating Responsibly, Delivering Excellence and Creating Customer Success. 

As a team member, you will engage in impactful work through global collaboration and the use of emerging technologies, join an inclusive culture where every team member is valued and working toward a greater purpose, and be empowered to reach your full potential through various development programs designed to accelerate your growth. 

Plexus offers a comprehensive benefits package designed to support team members' wellbeing, including medical, dental, and vision insurance, paid time off, retirement savings, and opportunities for professional development. We also prioritize work-life balance and offer a variety of perks to enhance the team member experience.  For more information, visit our US benefits website at usbenefits.plexus.com. Our commitment to pay range transparency fosters an equitable workplace, where everyone can feel valued. The annual compensation range for this position is stated below. The salary offered within this range will be based upon the geographic location, work experience, education, licensure requirements and/or skill level. Salary Range:

Purpose Statement: Lead and manage the IT Governance, Risk, and Compliance (GRC) team, driving the development, maintenance, and execution of the GRC framework, ensuring compliance with global regulations and industry standards, and maturing the organization's overall cybersecurity posture.

Key Job Accountabilities:

• IT Governance, Risk, and Compliance Program Leadership: 

  • Develop and maintain the Cybersecurity GRC framework, policies, standards, and procedures in alignment with regulatory requirements (e.g., ISO 27001, NIST CSF, Cyber Essentials +, SOC 2, GDPR, CMMC Level 2,3)

  • Develop, maintain, and socialize IT and cybersecurity policies, standards, and procedures across the organization. 

  • Oversee risk mitigation and the IT risk register, lead risk assessments.

  • Develop, and oversee IT control effectiveness. Experience with IT Control design review and validation.

  • Coordinate internal and external cybersecurity audits and assessments, tracking findings through remediation.

  • Oversee customer assessments and questionnaires.

  • Build, coordinate and oversee Third-Party risk management 

• Strategic Program Management and Continuous Improvement: Lead the execution of the multi-year GRC Program roadmap, tracking and reporting on key performance indicators (KPIs) and key risk indicators (KRIs) to executive leadership. Drive continuous improvement in security controls and GRC processes by implementing best practices and automating controls where feasible.

• Talent Management and Core Values: Responsible to exemplify and hold their team accountable to demonstrating the Plexus Core Values. Leader will focus on evaluating potential, driving succession planning, and ensuring their employees receive the development and coaching required to realize their full potential.

• All GT leaders are accountable for upholding the organization's cybersecurity posture by adhering to security policies and procedures, actively participating in training, protecting data and systems, actively identifying and mitigating vulnerabilities, and promptly reporting any suspicious activity or potential security incidents.

Education/Experience Qualifications:

• Bachelor’s Degree with 5 or more years of related experience is preferred. An equivalent combination of education and/or experience will be considered.

Other Qualifications:

• Advanced leadership experience in dynamic, fast paced environments.

• Advanced decision making, problem solving, and prioritization skills.

• Advanced verbal and written communication skills.

• Good interpersonal, communication and leadership skills; ability to motivate people and manage resources effectively and work with business partners to achieve goals.

• Business acumen, knowledge and professionalism; understand how a business operates with the ability to develop and articulate the value proposition of a new process.

• Functional knowledge in project management skills.

• Must be self-motivated with the ability to work independently and in a team environment.

• Knowledge of industry-standard security frameworks (e.g., NIST CSF, ISO 27001, CIS Controls) and regulatory requirements (e.g., SOX, SEC, GDPR, HIPAA, CMMC).

Preferred Qualifications:

• Experience building an IT GRC function within a global organization.

• Experience building an IT Third-Party Risk function within a global organization.

• Industry recognized certifications such as the CRISC, CISA, CISSP, CISM, and/or CGEIT are preferred.

• Experience in the use and administrative setup of GRC software platforms (e.g., Vanta, ServiceNow GRC).

Physical Requirements:

• Professional office environment with suitable lighting, comfortable temperatures, and low noise level. May require prolonged periods of sitting at a desk, using a computer, and other office equipment. Minimal physical activity is generally involved, emphasizing the importance of good posture and ergonomic workplace arrangements.

Travel Requirements:

• 5%

This document does not represent a contract of employment and is not intended to capture every possible assignment the incumbent could be asked to perform.

We are pleased to provide reasonable accommodations to individuals with disabilities or special requirements.  If you need an application accommodation, please contact us by email at [email protected]. Please include your contact information and clearly describe how we can help you. This email is for accommodation requests only and cannot be used to inquire about the status of applications.

We are an Equal Opportunity Employer (EOE) and do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Some offers of employment are contingent upon successfully passing a drug screen and/or background check.