
IT/OT GRC Program Manager

Job in Hartford, Hartford County, Connecticut, 06112, USA
Listing for: Glocomms
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly

Job Description:

IT/OT Governance, Risk & Compliance (GRC) Program Manager

Location: Danbury, Connecticut - Hybrid (3 days onsite / 2 days remote)

Role Type: Full‑time

Overview

Our client is an industrial technology provider seeking an experienced IT/OT Governance, Risk & Compliance (GRC) Program Manager to lead organizational security governance across both traditional IT environments and operational technology (OT) systems. This role serves as a bridge between regulatory frameworks and practical engineering implementation, ensuring that security standards are defined, adopted, and continuously validated.

The ideal candidate combines strategic program leadership with hands‑on execution: driving compliance initiatives, partnering with engineering teams, and maintaining a consistent audit‑ready posture.

Key Responsibilities

Security Governance & Framework Alignment
  • Lead the development, maintenance, and execution of IT and OT security frameworks (e.g., NIST CSF, IEC 62443).
  • Define ownership and accountability for control implementation across teams.
  • Assess capability gaps and recommend staffing, training, or process improvements.
Product & Engineering Partnership
  • Integrate secure‑by‑design principles into the engineering lifecycle.
  • Ensure products and systems align with relevant regulatory expectations and internal security requirements.
Compliance Baseline Development
  • Create and maintain enterprise security standards, technical baselines, and control requirements.
  • Validate alignment through on‑site reviews, documentation assessments, and independent verification activities.
Corrective Action & Risk Management
  • Govern the tracking and remediation of audit findings, exceptions, risk acceptances, and deviations.
  • Drive timely resolution of issues and elevate blockers when appropriate.
  • Maintain a centralized risk register and guide risk identification, evaluation, and prioritization.
Operationalization of Compliance
  • Translate regulatory requirements into practical operational procedures.
  • Collaborate directly with engineers and system owners to configure, deploy, and validate controls across IT and OT environments.
Audit Preparation & Assurance Testing
  • Serve as the primary point of contact for internal and external audits.
  • Maintain a continuous audit‑ready environment through curated evidence and control documentation.
  • Conduct internal control assessments, mock audits, and site‑level walkthroughs.
Third‑Party Risk Management
  • Evaluate supplier and vendor security posture.
  • Enforce remediation actions or risk acceptance decisions before contract execution.
Security Reporting & Metrics
  • Transform technical findings into clear business‑level insights.
  • Provide leadership with validated reporting on risk reduction, compliance posture, and program health.
GRC Platform Administration
  • Oversee configuration, workflows, automation, and evidence collection processes within GRC software tools.
Awareness & Training
  • Develop and deliver role‑specific cybersecurity training to engineering, operations, and technical teams.
OT Environment Governance
  • Collaborate with OT and engineering teams to maintain accurate asset inventories.
  • Support network segmentation, zoning, and architecture decisions aligned with OT security best practices.
Incident Response Collaboration
  • Incorporate lessons learned from security incidents into program updates, policies, and control enhancements.
Qualifications

Education
  • Bachelor's degree in Information Technology, Cybersecurity, Engineering, or related field (or equivalent experience).
Certifications (Preferred)
  • CISA, CISM, CRISC
  • CGRC or comparable governance/risk certification
  • IEC/ISA 62443 training or credentials
Experience
  • 7+ years in IT/OT GRC, cybersecurity governance, compliance, audit, or similar roles.
  • Demonstrated experience with:
    • Designing and operationalizing governance programs
    • Mapping and implementing controls aligned to NIST CSF and/or IEC 62443
    • Managing change control, exceptions, and compensating controls
    • Cross‑functional stakeholder engagement and conflict resolution
    • Evidence management, documentation rigor, and audit readiness
    • Program and project management, KPIs, and continuous improvement initiatives
Working Conditions
  • Hybrid work schedule.
  • Ability to work in office, technical, and industrial environments as required.
  • Ability to sit or stand for extended periods; may require occasional lifting up to 25 lbs.
  • Occasional travel (up to ~10%).
  • Ability to wear applicable PPE in operational areas.