IT Compliance Specialist
Listed on 2025-12-27
IT/Tech
Cybersecurity, Information Security, IT Consultant, Data Security
About New Market Corporation
New Market Corporation, headquartered in Richmond, Virginia, is the parent company of Afton Chemical Corporation (Afton), Ethyl Corporation (Ethyl), and American Pacific Corporation (AMPAC). The Afton and Ethyl companies develop, manufacture, blend, and deliver chemical additives that enhance the performance of petroleum products. Afton is a leading manufacturer and marketer of performance-enhancing fuel and lubricant additives with operations around the world.
AMPAC, with operations in the U.S., is a manufacturer of specialty materials primarily used in solid rocket motors for the aerospace and defense industries.
The IT Compliance Specialist supports the organization’s information security and compliance programs by ensuring adherence to corporate policies, industry standards, and regulatory requirements. This role focuses on security compliance management, third‑party risk evaluation, and cybersecurity awareness. The specialist administers phishing simulations, facilitates training initiatives, coordinates vendor security assessments, and contributes to continuous improvement of the organization’s cybersecurity governance framework.
Responsibilities
- Security Compliance and Governance
- Support the development, implementation, and maintenance of IT security policies, procedures, and standards in alignment with frameworks such as TISAX, NIST CSF, ISO 27001, and SOC 2.
- Conduct periodic compliance reviews and audits to ensure controls are effective and documented.
- Assist in preparing evidence and reports for internal and external audits.
- Monitor regulatory changes and emerging compliance requirements to ensure organizational readiness.
- Third‑Party and Vendor Risk Management
- Manage and execute the third‑party security risk assessment process for new and existing vendors.
- Evaluate vendor security documentation (SOC 2 reports, ISO certifications, questionnaires, etc.) and coordinate follow‑ups on remediation actions.
- Collaborate with procurement, legal, and IT teams to ensure vendor relationships meet corporate security and compliance standards.
- Maintain a centralized inventory of third‑party vendors and associated risk levels.
- Cybersecurity Awareness and Phishing Simulation
- Design, deploy, and track phishing simulation campaigns and cybersecurity awareness programs.
- Analyze campaign metrics to identify high‑risk groups and tailor follow‑up training.
- Develop and deliver security education content, ensuring employees understand key security responsibilities.
- Partner with IT and Business to promote a culture of security awareness globally.
- Audit Support and Risk Reporting
- Assist in the coordination of internal and external IT audits, ensuring timely collection of evidence and accurate documentation.
- Support risk assessments and contribute to reporting on compliance posture and risk metrics.
- Maintain detailed records of audit findings, remediation efforts, and compliance exceptions.
- Continuous Improvement and Collaboration
- Collaborate with cybersecurity and IT operations teams to align technical controls with compliance requirements.
- Recommend and implement improvements to compliance processes, awareness programs, and vendor governance workflows.
- Serve as a liaison between the Security, IT, Legal, and Procurement functions to ensure consistent application of security and compliance standards.
- Experience in information security, compliance, or IT audit, preferably in a global enterprise environment.
- Proven ability to manage phishing simulations, security awareness training, or compliance programs.
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
- Familiarity with vendor risk management practices and compliance frameworks (e.g., NIST, ISO 27001, SOC 2, GDPR).
- Industry‑recognized certifications such as CISA, CRISC, CISM, or Security+.
- Experience working with third‑party risk platforms, GRC tools, or security awareness solutions (e.g., KnowBe4, Proofpoint, or similar).
- Background in audit support, regulatory compliance, or IT governance.
Due to the nature of our work with ITAR‑controlled items, this position requires access to…