IT Manager Security Control & Compliance
Allison Transmission•Indianapolis, IN
1d
About The Position
The Manager of Governance, Risk & Compliance (GRC) will lead Allison Transmission’s enterprise GRC function within the IT Security organization. This role is responsible for developing, implementing, and overseeing governance frameworks, risk management practices, and compliance programs that safeguard the organization’s information assets while enabling business objectives. The successful candidate will collaborate across business units, external partners, and regulators to ensure alignment with internal policies, contractual requirements, and global standards.
Requirements
- Strong understanding of IT governance, risk management, and compliance frameworks.
- Expertise in policy development, risk assessments, and audit management.
- Demonstrated ability to partner with business leaders and translate technical risks into business impacts.
- Strong communication, collaboration, and leadership skills.
- Familiarity with the following regulatory and industry standards/frameworks: o CMMC (Cybersecurity Maturity Model Certification) o NIST SP 800-171 o NIS2 Directive o ISO/IEC 27001
- Minimum of 7–10 years of progressive experience in IT Security, Governance, Risk, or Compliance.
- Proven track record of leading teams and managing complex, multi-year security initiatives.
- Deep expertise in CMMC, NIST SP 800-171, NIS2 Directive, ISO/IEC 27001, TISAX, and SOX.
- Exceptional communication and collaboration skills, with the ability to influence stakeholders across different business lines.
- Demonstrated ability to partner with business leaders and translate technical risks into business impacts.
Responsibilities
- Oversee the management and operations of the GRC program, ensuring processes are efficient, scalable, and auditable.
- Serve as the primary liaison for business engagement on security governance topics and drive external collaboration with auditors and regulators.
- Define and manage the organization’s risk appetite in alignment with executive leadership while conducting enterprise risk assessments.
- Manage and coordinate internal and external audits for CMMC, NIS2, TISAX, SOX, NIST, and ISO frameworks, ensuring full remediation of findings.
- Lead the development and maintenance of security policies and oversee personnel security programs, including access certifications and role-based controls.
- Design and deliver security training programs for all end users and specialized IT functions to promote a strong culture of security awareness.
- Partner with Finance, Legal, and Engineering business lines to translate technical risks into actionable business impacts.
- Promote a strong culture of security awareness across the organization.
Benefits
- Choice of medical plans with prescription coverage
- Employer HSA contribution
- Dental & Vision Insurance
- Paid Parental Leave
- Short & Long-Term Disability
- Other voluntary benefits including: Critical Illness, Hospital Indemnity, Identity Theft Protection and Pet Insurance
- 401K with generous Company match & contribution
- Accrued Paid Time Off
- 12 Paid Holidays + 1 Floating Holiday
- Robust employee wellness program
- Tuition assistance program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
