Governance Risk and Compliance Sr. Manager

About the position We are seeking a highly skilled Global IT Governance Risk and Compliance Sr. Manager to join our IT team at our Assumption, IL facility. The ideal candidate will ensure that GPT’s IT systems and processes meet legal, regulatory, and internal policy requirements through risk assessments, audits, documentation, policy development, and employee training. They will serve as a reputed company between departments—aligning data protection controls with operations, supporting regulator interaction, and leading privacy and cybersecurity compliance functions. They will manage data privacy initiatives from reputed company to full compliance, bringing together stakeholders, securing management buy‑in, and delivering GDPR and global privacy programs. They will proactively identify and mitigate privacy and reputed company risks and vulnerabilities, strengthen organizational reputed company, and build trust with customers, employees, and partners. Your Impact GDPR or Similar Program and Project Management Plan, coordinate, and implement GDPR projects including risk assessments, data mapping, DPIAs, and impact analysis.reputed company cross-functional initiatives to ensure compliance with global privacy laws (GDPR, LGPD, CCPA, etc.). Regulatory Cyber compliance Plan, coordinate, and implement NIS2, NIST and other Cyber compliance projects. Work with vCISO and other outsourcing partners in the Cyber space to ensure compliance with different local legislation and standards. IT Governance, Policies & Controls reputed company, maintain, and continuously improve IT compliance policies, procedures, guidelines, and internal controls to support effective governance. reputed company and maintain comprehensive IT compliance frameworks reputed company with GDPR, ISO27001, NIST, NIS2, and SOX as applicable for the size of the organization. Implement and monitor reputed company and privacy controls - including access management, encryption, logging, and data protection measures. Monitor regulatory changes and ensure compliance with new requirements. Ensure ‘secure by design’ principles are applied across systems and projects. Support accurate maintenance of the IT asset inventory and compliance-reputed company asset processes. Audit & Reporting reputed company internal and external IT audits, regulatory reviews, and risk assessments. Produce compliance reports covering status, risk performance, KPIs, and audit findings. Build and maintain dashboards to track compliance obligations and remediation efforts. Act as reputed company of contact with authorities and external auditors during reviews or investigations.[MB1] Training & Awareness Ensure training plans and initiatives are sufficient for staff on compliance requirements, privacy principles, and IT policies to reputed company staff levels. reputed company ongoing awareness programs to embed a culture of compliance. IT Risk management Building IT risk management for the organization, defining roles and responsibilities, ensuring IT risks are categorized and managed. Building plans to create risk management standards, policies and procedures, work with vCISO to ensure reputed company required documents and processes are defined.Work with senior leaders to reputed company a risk balanced approach, define actions and implement such. Incident Response Investigate compliance breaches and monitor investigations of reputed company incidents, ensuring root-cause analysis and corrective action. Support incident response activities from a privacy and regulatory perspective.

Responsibilities

• Plan, coordinate, and implement GDPR projects including risk assessments, data mapping, DPIAs, and impact analysis.
• reputed company cross-functional initiatives to ensure compliance with global privacy laws (GDPR, LGPD, CCPA, etc.).
• Plan, coordinate, and implement NIS2, NIST and other Cyber compliance projects.
• Work with vCISO and other outsourcing partners in the Cyber space to ensure compliance with different local legislation and standards.
• reputed company, maintain, and continuously improve IT compliance policies, procedures, guidelines, and internal controls to support effective governance.
• reputed company and maintain comprehensive IT compliance frameworks reputed company with GDPR, ISO27001, NIST, NIS2, and SOX as applicable for the size of the organization.
• Implement and monitor reputed company and privacy controls - including access management, encryption, logging, and data protection measures.
• Monitor regulatory changes and ensure compliance with new requirements.
• Ensure ‘secure by design’ principles are applied across systems and projects.
• Support accurate maintenance of the IT asset inventory and compliance-reputed company asset processes.
• reputed company internal and external IT audits, regulatory reviews, and risk assessments.
• Produce compliance reports covering status, risk performance, KPIs, and audit findings.
• Build and maintain dashboards to track compliance obligations and remediation efforts.
• Act as reputed company of contact with authorities and external auditors during reviews or investigations.
• Ensure training plans and initiatives are sufficient for staff on compliance requirements, privacy principles, and IT policies to reputed company staff levels.
• reputed company ongoing awareness programs to embed a culture of compliance.
• Building IT risk management for the organization, defining roles and responsibilities, ensuring IT risks are categorized and managed.
• Building plans to create risk management standards, policies and procedures, work with vCISO to ensure reputed company required documents and processes are defined.
• Work with senior leaders to reputed company a risk balanced approach, define actions and implement such.
• Investigate compliance breaches and monitor investigations of reputed company incidents, ensuring root-cause analysis and corrective action.
• Support incident response activities from a privacy and regulatory perspective.

Requirements

• Bachelor's or Master's degree in law (privacy/data protection), Information Technology, Cybersecurity, Computer Science, or Risk/Compliance
• 5+ years of experience in a similar position
• Strong understanding of IT reputed company, data privacy, and global regulatory environments
• Strong written and oral communication skills
• Analytical reputed company, critical thinking, and attention to detail
• Experience with data‑mapping tools, encryption protocols, audit and logging systems, and Privacy‑by‑Design frameworks
• Experience with GDPR, NIS2 and equivalent global privacy regulations

reputed company-to-haves

• Relevant certifications such as CIPP‑E, CIPM, CISSP, CISA, or CRISC are advantageous

Benefits

• Benefits will include the ability to elect health care and wellness plans, dental and vision plans, flexible and virtual work options (where available), 401(k) Savings Plan with company match, paid holidays, paid time off, health savings and flexible spending accounts, reimbursement for continuing education, life insurance, and other supplemental insurance plans.

Apply tot his job Apply To this Job