Senior Manager, Governance – Cybersecurity GRC

Are you ready to lead with vision and make a global impact? As Senior Manager, Governance within Cybersecurity Governance, Risk, and Compliance (GRC) organization, you’ll be at the forefront of our mission to safeguard Johnson Controls’ digital landscape. In this key role, you’ll drive the evolution of our cybersecurity governance framework, ensuring our organization not only meets but exceeds regulatory standards and industry best practices.
You’ll collaborate with talented professionals across the globe, championing a culture of proactive risk management, continuous improvement, and cross-functional partnership. Your leadership will empower teams, foster innovation, and help us stay ahead of emerging threats in a rapidly changing environment.

What you will do:

• Develop and execute forward-thinking cybersecurity governance strategies that elevate our security posture and drive organizational excellence.

• Design, implement, and maintain a robust governance program—documenting, communicating, and enforcing policies, standards, and guidelines that align with business objectives.

• Serve as a subject matter expert, educating and guiding technology teams and business partners on cyber governance requirements and best practices.

• Engage with internal and external auditors. Facilitate assessments and audits, ensuring timely responses and adherence to JCI policies and standards.

• Lead coordination across cross-functional teams to deliver cybersecurity training and awareness initiatives, reinforcing adherence to governance policies

• Collaborate with cross-functional teams to evaluate cyber controls, map them to program key performance indicators and assess compliance.

• Report on the effectiveness of governance initiatives, using data-driven insights to inform continuous improvement.

• Ensure our governance framework meets evolving compliance requirements and incorporates stakeholder input and industry benchmarks.

• Foster collaboration through partnership with cybersecurity leaders and cross-functional teams to refine processes, develop key performance indicators, and promote organizational cyber maturity.

• Implement process enhancements using automation tools and agile methodologies to boost productivity and efficiency.

• Monitor and interpret evolving regulatory requirements and industry best practices to inform governance enhancements.

• Build and lead a high-performing team. Mentor and develop cybersecurity professionals, fostering growth, innovation, and a shared commitment to excellence.

• Participate in relevant cybersecurity committees and working groups.

What we look for:

Required

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.

• 8+ Experience in cybersecurity governance, risk management, or compliance—especially in building and leading governance frameworks that make a difference.

• Proven track record of leading high-performing teams and delivering results with autonomy, accountability, and a collaborative spirit.

• Deep expertise in industry frameworks, regulations, and laws such as ISO, NIST, PCI, GDPR, and CRA—plus the ability to translate complex requirements into practical solutions.

• Experience navigating both legacy and emerging technologies to manage business risk and enforce robust security controls.

• Exceptional communication and interpersonal skills, with the ability to build trust, minimize friction, and engage effectively with stakeholders at every level.

• Demonstrated success in managing multiple initiatives and delivering on schedule using agile methodologies and tools (e.g., Scrum/Kanban, Jira).

• Strong critical thinking and problem-solving skills, with a knack for distilling complex requirements into actionable strategies.

• Experience leading distributed and hybrid teams, fostering a culture of inclusion and continuous improvement.

Preferred

• Industry Certifications: Credentials such as CISSP, CISM, CISA, CRISC, or other certifications in cybersecurity governance that demonstrate your commitment to excellence and continuous learning.

• Operational Technology Savvy: Experience with cybersecurity controls for Operational Technologies (like Control Systems or Building Management) will help you make an even greater impact in our diverse environment.

• Global Perspective: If you’ve worked in a global organization and navigated multi-regional compliance requirements, you’ll thrive in our dynamic, international team.

• If you’re passionate about cybersecurity and eager to grow in a collaborative, forward-thinking environment, we encourage you to apply—even if you don’t meet every preferred qualification. Your unique perspective and drive could be exactly what we need!

HIRING SALARY RANGE: $126,000 - 171,000 (Salary to be determined by the education, experience, knowledge, skills, and abilities of the applicant, internal equity, location and alignment with market data.) This role offers a competitive Bonus plan that will take into account individual, group, and corporate performance. This position includes a competitive benefits package. For details, please visit the About Us tab on the Johnson Controls Careers site at https://jobs.johnsoncontrols.com/about-us

Johnson Controls International plc. is an equal employment opportunity and affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability or any other characteristic protected by law. To view more information about your equal opportunity and non-discrimination rights as a candidate, visit EEO is the Law. If you are an individual with a disability and you require an accommodation during the application process, please visit here.