
Cybersecurity Compliance Manager at Gentex Corp

Gentex Corp · Simpson, United States Of America · Onsite


Description

Gentex at a Glance:

At Gentex Corporation, we’ve created an environment where great ideas and great people can thrive. Leveraging a history that spans over 130 years, Gentex is a global leader in personal protection and situational awareness solutions for defense forces, emergency responders, and industrial personnel operating in high performance environments. Join our multinational team of exceptional and dedicated employees around the world and work on challenging and rewarding projects, grow your skills, and advance your career all while making a positive difference in the lives of our customers. Together, you and Gentex can build a career that’s uniquely yours.


About the Job!

The Cybersecurity Compliance Manager plays a critical role in ensuring that our organization adheres to regulatory, contractual, and DoD cybersecurity requirements. This role is particularly important because of our handling of sensitive data, Controlled Unclassified Information (CUI), and our required adherence to the CMMC 2.0 framework.


Gentex offers a robust benefit package including, but not limited to, medical/dental coverage, 401k, paid time off and excellent work schedules including a 9/80 work week.


Minimum Qualifications:

  • Bachelor’s degree required.
  • Certifications: CISSP, CISM, or CCP.
  • Minimum 5–10 years of experience in cybersecurity, IT governance, risk management, or compliance.
  • Minimum 3–5 years of direct experience in managing compliance programs or audits.
  • Experience in industries with strict regulatory requirements, such as defense contracting, healthcare, finance, or government.
  • Familiarity with handling Controlled Unclassified Information (CUI) or other sensitive data is often required for roles tied to CMMC 2.0 compliance.

KNOWLEDGE, SKILLS AND ABILITIES:


• Understanding of cybersecurity principles, including:

o Access control and identity management.

o Network security and segmentation.

o Data encryption (at rest and in transit).

o Vulnerability management and patching.

o Incident response and disaster recovery.

 

• Experience with tools and technologies used in cybersecurity, such as:

o SIEM (e.g., Splunk, Microsoft Sentinel) for monitoring and logging.

o Vulnerability Scanners (e.g., Tenable Nessus, Qualys).

o Endpoint Detection and Response (EDR) tools (e.g., CrowdStrike, Microsoft Defender for Endpoint).

o Privileged Access Management (PAM) tools (e.g., PAM360, CyberArk).

o Configuration Management tools (e.g., Ansible, Puppet, Chef).


• IT Infrastructure Knowledge: familiarity with IT systems, including:

o Operating systems (Windows, Linux, macOS).

o Cloud platforms (AWS, Azure, Google Cloud).

o Networking concepts (firewalls, VPNs, VLANs, IDS/IPS).


• Experience implementing and managing compliance with:

o CMMC 2.0 (Cybersecurity Maturity Model Certification).

o NIST SP 800-171 (Protecting Controlled Unclassified Information).

o ISO 27001 (Information Security Management Systems).

o GDPR (General Data Protection Regulation).

o HIPAA (Health Insurance Portability and Accountability Act).

o SOX (Sarbanes-Oxley Act).


• Experience preparing for and managing internal and external audits, including:

o Conducting gap analyses to identify compliance deficiencies.

o Developing and maintaining System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms).

o Working with third-party assessors (e.g., C3PAOs for CMMC certification).


• Leadership and Team Management

o Experience leading cross-functional teams, including IT, security, legal, and HR.

o Ability to manage compliance projects, including timelines, budgets, and resources.

o Experience mentoring and training team members on compliance requirements.


• Communication Skills

o Ability to communicate complex cybersecurity and compliance concepts to non-technical stakeholders, including executives and board members.

o Experience preparing compliance reports and presentations for leadership.

o Strong writing skills for creating policies, procedures, and documentation.


• Collaboration

o Experience working with external stakeholders, such as auditors, regulators, and clients.

o Ability to collaborate across departments to ensure compliance is integrated into all business processes.


• Problem-Solving

o Strong analytical and problem-solving skills to address compliance gaps and security risks.

o Ability to adapt to changing regulatory requirements and business needs.



Responsibilities:

  • Ensure adherence to frameworks like CMMC and NIST.
  • Create and enforce cybersecurity policies and procedures.
  • Identify, assess, and mitigate cybersecurity risks.
  • Prepare for and manage internal and external audits.
  • Maintain SSPs, POA&Ms, IRPs, and other compliance-related documents.
  • Collaborate on incident response and ensure regulatory reporting.
  • Educate employees on compliance requirements and best practices.
  • Work with internal and external stakeholders to address compliance concerns.
  • Monitor compliance posture and update controls as needed.
  • Provide strategic guidance and lead compliance initiatives.


To Apply:

Visit: https://gentexcorp.com/careers/


Gentex Corporation is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard for any applicable state or federal protected class. Gentex is an E-Verify Participant. Pre-employment drug/alcohol/background screening is required. Attention Massachusetts Applicants: it is unlawful for employers to administer or require lie detector tests as a condition of employment or continued employment.
