Compliance Lead

Job Summary

We are seeking a Cyber Assurance Analyst to support and execute global cyber assurance activities, including ISO/IEC 27001 certification, SOC 2 reporting, customer cybersecurity audits, and internal audit support across a global environment.

• Support and coordinate global ISO/IEC 27001 certification activities, including audit readiness, evidence collection, internal audit support, and remediation tracking.
• Participate in SOC 2 Type I and Type II engagements, support control walkthroughs, evidence preparation, and auditor interactions.
• Serve as day‑to‑day liaison with external auditors and certification bodies.
• Maintain audit documentation and support ongoing control maturity efforts.
• Lead preparation and responses for global customer cybersecurity audits and due diligence assessments.
• Coordinate with Sales, Legal, and IT teams to provide accurate, consistent, and risk‑aligned responses.
• Track customer audit findings and support remediation and follow‑up activities.
• Support Internal Audit engagements related to information security and IT controls, including walkthroughs, evidence coordination, and issue tracking.
• Maintain centralized audit evidence repositories, trackers, and dashboards.
• Support the use of Audit Board or similar GRC platforms for audit management, issue tracking, and evidence coordination.
• Identify opportunities to improve efficiency and consistency across certification, audit, and assessment activities globally.

• Bachelor’s degree in Information Security, Systems, Risk, Compliance, or a related field.
• 6–8 years of experience in information security compliance, audit support, or cyber risk management.
• Practical experience with ISO/IEC 27001 certification (execution or support).
• Experience with SOC 2 Type I or Type II reports.
• Experience with customer security audits or third‑party assessments.
• Experience supporting internal audit engagements related to information security and IT controls.
• Strong organizational skills and the ability to manage multiple audits and deadlines simultaneously.
• Experience working with cross‑functional and global stakeholders.
• Audit coordination and evidence management; disciplined, organized, and process‑driven attitude.
• Risk and control awareness, understanding how requirements map to controls and operational execution.
• Result‑oriented, able to manage competing priorities and multiple audits in parallel.

• Experience supporting global audit and certification programs, including coordination across regions.
• Familiarity with ISO 27001, NIST, SCF, PCI, FedRAMP, or CMMC.
• Experience using Audit Board or similar GRC platforms for audit management, evidence collection, issue tracking, and reporting.
• Professional certifications such as CISA, CISSP, CRISC, ISO 27001 Lead Implementer, or Auditor.

• Competitive salary and bonus plan.
• Paid vacation, holidays, and sick time.
• Comprehensive benefits package including 401(k), medical, dental, vision care.
• On‑job and cross‑training opportunities.
• Collaborative team environment supporting safety and well‑being.

HIRING SALARY RANGE: $100,000 – $150,000 (salary to be determined by experience, education, and market).

This is a hybrid role (2–3 days per week) based in Glendale, WI.

Johnson Controls International plc. is an equal employment opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, genetic information, sexual orientation, gender identity, status as a qualified individual with a disability, or any other characteristic protected by law.