IT Security Analyst - GRC

it’s what’s inside that counts

There’s more to CMC than our products and the buildings, structures, and roads they go into. At CMC, it’s the people inside our recycling centers, fabrication plants, manufacturing facilities, steel mills and offices that make us who we are as a company.

Our success comes from finding, retaining, and supporting the highest quality talent by offering :

• Day 1 Benefits Coverage with low cost Medical, Vision, Dental
• Day 1 Paid-time Off and Vacation
• 4.5% Company Match 401(k) plan
• $500 Annual Company-paid Lifestyle Benefit
• Competitive Compensation and Bonuses
• Company-paid Life and Disability Insurance
• Employee Stock Purchase Plan
• Training and Advancement Opportunities

Why This Job

CMC is a leading manufacture committed to excellence and innovation. We prioritize safeguarding our digital assets and ensuring the highest standards of IT security governance.

As part of our ongoing commitment to maintaining a secure digital environment, we are seeking a talented individual to join our team as an IT Security Governance Specialist.

The IT Security Governance Specialist will play a crucial role in developing, implementing, and maintaining robust IT security governance frameworks and practices within our organization.

This position requires a deep understanding of IT security principles, regulations, and best practices, as well as strong analytical and communication skills to effectively collaborate with various stakeholders.

CMC provides an excellent opportunity to learn the steel, construction reinforcement and ground stabilization industries and to grow in your career.

Whether you will spend your day brainstorming in an office cubicle, operating a crane, running manufacturing equipment or troubleshooting technical obstacles, at CMC, you’ll get the training and support from your team that you need to excel in your role and reach your full potential.

What You'll Do

• Develop and implement IT security governance frameworks, policies, and procedures to ensure compliance with regulatory requirements and industry standards
• Conduct regular assessments and audits of IT security controls to identify gaps, vulnerabilities, and areas for improvement
• Collaborate with cross-functional teams to establish and maintain effective risk management processes related to IT security
• Provide guidance and support to IT teams in implementing security controls and mitigating risks in their respective areas
• Monitor and report on compliance with IT security policies, standards, and regulations to senior management and relevant stakeholders
• Stay abreast of emerging threats, vulnerabilities, and regulatory changes in the IT security landscape, and recommend proactive measures to mitigate risks
• Participate in incident response activities, including investigating security incidents and breaches, and implementing remediation measures as necessary
• Foster a culture of security awareness and compliance across the organization through training, awareness programs, and regular communication

What You'll Need

• Proven experience (2 years) in IT security governance, risk management, or related fields
• Strong understanding of IT security principles, standards, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, GDPR)
• Experience with conducting IT security assessments, audits, and risk assessments
• Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks simultaneously
• Effective communication skills, with the ability to convey complex technical information to non-technical stakeholders
• Demonstrated ability to work collaboratively in a cross-functional team environment
• Experience with IT security tools and technologies, such as SIEM, DLP, IDS / IPS, and endpoint security solutions
• Minimum 5 years IT experience in a variety of technologies including : Windows, Linux, SAML, Office365
• Minimum 2 years in IT Security Risk and Governance : Controls Management, Risk Exposure Monitoring, NIST Framework
• Familiarity / experience with NIST CSF 1.10 or similar framework
• High degree of problem solving
• Demonstrated ability to effectively collaborate with and influence a variety of internal stakeholders
• Strong verbal and written communication skills with the ability to create and effectively deliver information and facilitate presentations
• Able to partner with various parts of the business to identify and achieve goals
• Ensures adequate controls on interfaces across platforms
• Makes effective, fact-based business decisions and recommendations
• Recognizes problems, identifies opportunities, and suggests solutions for improvement
• Seeks opportunities for learning / growth and is open to feedback
• Able to balance tactical decisions with bigger picture
• Strong ability to produce technical documentation
• Able to prioritize, plan and drive issues, tasks, and deliverables from concept to closure
• Is results focused; set exacting standards for self and others
• Is open to and supports organizational changes
• Demonstrates commitment to focus on customer service
• Willingness and ability to make quick and effective decisions
• Vendor Relationship management
• Demonstrated ability to support and work in a global, multi-site, cross functional, matrixed organization of employees, contractors, and service providers
• High organizational skills
• Accountable
• Proactive
• Prescriptive
• Calm in crisis situations
• Collaborative
• Leadership consultative / partner approach to clients

Your Education

Bachelor's degree in computer science, information systems, finance, or related discipline with an IT focus is preferred

We are Commercial Metals Company, a Fortune 500 company with a family feel that’s already part of your life. Our steel products have been supporting structures in more than 20 countries for over 100 years.

And the secret to our success? We’ve built our legacy by assembling a team of innovators and doers to tackle some of the most challenging problems facing our world over the last 100 years but we’re just getting started.

If you’re ready to reimagine ways to make the steel industry more sustainable, reinforce the bridges and roadways connecting our communities, and do meaningful work, you’re ready to join CMC.