Advisor, Information Security GRC
Mercedes-Benz USA
Roles and Responsibilities Governance, Risk & Compliance (GRC) Lead and continuously enhance the Information Security Risk Management Program aligned with Mercedes-Benz A22 RISE policies Establish governance for secure and responsible adoption of AI (AI-on-AI security) ensuring compliance with corporate and regulatory expectations Define, implement, and enforce security policies, standards, and control frameworks across business and technology units Establish and monitor KPIs to proactively identify risk trends through Risk & Business Impact Assessments Maintain enterprise security architecture aligned with evolving threat landscape and business strategy Partner with senior leadership to drive a consistent, repeatable, and measurable risk management strategy Oversee Business Continuity and resiliency programs ensuring organizational readiness Audit, Compliance & Regulatory Assurance Ensure audit readiness and drive successful closure of all Audits (corporate, AMBISS and internal assessments) Lead audit planning, execution, and audit preparedness activities, including internal audits and control testing Use AI to predict audit findings, identify control gaps early, and recommend remediation actions Implement AI-driven control validation and evidence collection to accelerate audit cycles and reduce manual effort Design and implement controls, policies, and procedures driven by audit requirements Maintain controls monitoring dashboards and provide transparency on compliance posture Coordinate with DPO and BISO to ensure adherence to data privacy regulations (state and global) Act as the primary interface with auditors, regulators, and internal compliance stakeholders AI-Enabled Secure SDLC, DevSecOps & Application Security Embed security into the software lifecycle and enable secure digital transformation Integrate AI-driven security testing and code analysis across SDLC and DevSecOps pipelines Leverage AI for automated vulnerability triage, root cause analysis, and remediation recommendations Enable “shift-left + auto-fix” capabilities, reducing resolution time through intelligent automation/AI Drive adoption of AI copilots for developers to enforce secure coding practices in real time Govern security quality gates with AI-backed risk scoring before production releases AI-Driven Third-Party, Cloud & Emerging Technology Security Lead third-party cyber risk management (TPCRM) ensuring vendors meet security and compliance requirements Define and enforce security requirements in procurement processes and vendor onboarding Conduct cloud security assessments and ensure alignment with enterprise security standards Define and implement AI-powered third-party cyber risk management (TPCRM) for continuous vendor monitoring and risk scoring Establish governance frameworks for AI systems, including model risk, data integrity, and adversarial threats Leverage AI to analyze vendor risks, detect anomalies, and automate risk mitigation strategies Support governance and risk management for emerging technologies including AI and digital platforms Ensure all external and SaaS integrations adhere to corporate security and privacy standards Security Operations Governance, Incident Readiness & Awareness Drive operational excellence, incident preparedness, and a security-first culture Develop and maintain enterprise Incident Response plans covering key cyber-attack scenarios Support cybersecurity incident response activities and post-incident improvements Lead enterprise-wide security awareness programs including phishing campaigns, training, and annual events Modernize awareness programs using AI-driven simulations, adaptive phishing campaigns, and behavioral insights Train application owners and business leaders on security policies, ensuring consistent adoption. This position reports to NAFTA Information Security Officer, closely working with the Director Cyber Security & Cross Functions. Qualifications Education Bachelor's Degree (accredited school) or equivalent with emphasis in Computer Science/Information Technology Knowledge, Skills & Abilities Minimum of 10+ years of relevant work experience in IT Deep knowledge of Information Security Governance, Risk Management, and Compliance frameworks (NIST, ISO 27001, Mercedes-Benz A22 RISE) Strong understanding of enterprise risk management, audit processes, control design, and regulatory compliance Knowledge of audit methodologies, evidence collection, and control validation techniques Familiarity with data privacy regulations and frameworks (state, global, GDPR-aligned concepts) Understanding of AI/ML fundamentals and their application in cybersecurity and risk management Knowledge of AI governance principles, including Model risk, data integrity, and adversarial threats Responsible AI usage and compliance expectations Drive adoption of AI/automation to significantly reduce remediation timelines and manual efforts Ability to create awareness, accountability, and ownership across the organization Skills to train, coach, and empower teams to integrate security into daily operations Ability to translate complex security, audit, and AI concepts into simple, business-relevant outcomes Awareness of automation and analytics tools that enhance risk detection and remediation Knowledge of IT guidelines and corporate IT policies, IT standards, knowledge of IT organization (e.g., for escalation paths for non-standard requests) Overview of current threats, risks, information security techniques, and controls to mitigate them In-depth knowledge of IT security, in particular firewalls, protocols, encryption, authentication and authorization, and secure system design and programming Experience with MBUSA, Mercedes-Benz's work culture, and association with IT leadership, supervisors, and employees would be a big plus Strong ability to deal with conflicts Driving initiatives and successfully managing scope, timeline, budgets, and quality Motivating and inspiring team members Experience with Networking, SAP Security, Cloud-based applications, Server hardening/security baseline standards, patch management, and remediations Experience with Security Operations, Incident Response Identity, and Access Management (MFA, SSO) Identify and estimate the future needs of the organization through constant interaction with the users and IT leadership, conducting regularly scheduled user status/planning meetings Excellent written, verbal communication, interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences Strong proficiency with common management frameworks, regulatory requirements, and industry-leading practices Certifications The ideal candidate must have relevant cyber security certifications. CISA/CISM/CISSP preferred Experience with or willingness to pursue AI-related security certifications is strongly preferred The ideal candidate must pursue Current & Future Mercedes-Benz-mandated certifications Additional Information No Sponsorship/Visa Transfer Available Must be able to work flexible hours/work schedule Travel Domestic and International Work Holidays, Weekends when required Benefits Mitarbeiterhandy möglich Mitarbeiter Events Gesundheitsmaßnahmen Betriebliche Altersversorgung Mobilitätsangebote Flexible Arbeitszeit möglich Mitarbeiterrabatte möglich Coaching Mitarbeiterbeteiligung möglich Parkplatz Gute Anbindung Barrierefreiheit Kinderbetreuung Kantine, Café EEO Statement Mercedes-Benz USA is committed to fostering an inclusive environment that appreciates and leverages the diversity of our team. Accordingly, we provide equal employment opportunity (EEO) to all qualified applicants and employees without regard to race, color, ethnicity, gender, age, national origin, religion, marital status, and veteran status, physical or other disability, sexual orientation, or gender identity. #J-18808-Ljbffr Mercedes-Benz USA
- Job Description - Advisor, Information Security GRC (MER00044FQ) Advisor, Information Security GRC Group : Mercedes-Benz Group AG Description About Us Mercedes-Benz USA is responsible for the sales, marketing and service of all Mercedes-Benz and Maybach products in the...SuggestedWork experience placementFlexible hoursShift workWeekend work
- ...Overview Job Purpose The Engineer, Information Security GRC is part of a team responsible for the global Information Security program. The role would gain exposure to the full suite of businesses and products which underpin the Parent ICE company. Information...SuggestedWork experience placement
- Daimler Trucks North America LLC is seeking an experienced Advisor, Information Security GRC to lead Governance, Risk, and Compliance programs. The role requires a minimum of 10 years' experience in IT, emphasizing Information Security Governance and Risk Management. Located...Suggested
- Operational Resilience Senior Advisor (Information Security Senior Advisor) Location: This role requires associates to be in-office 1-2 days per week, fostering collaboration and connectivity, while providing flexibility to support productivity and work-life balance. This...SuggestedWork at officeLocal area2 days per week1 day per week
- ...projects including SOC examinations, audits, and compliance. The role requires a minimum of 3 years of relevant experience in Information Security or IT, a degree in a related field, and proficiency in technical frameworks such as COBIT and ISO standards. The position...Suggested
$133.2k - $199.8k
...operations design and material and information flow. We deliver exceptional... ..., Risk & Compliance (GRC) to lead and mature our enterprise... ...management, compliance, and security assurance programs. This role... .... Serve as a trusted advisor on cybersecurity governance,...Local areaWorldwide- ...cybersecurity governance professional to drive risk assessment and security standards across its global operations. This position based in... ...stakeholder engagement skills. Join CRH to play a vital role in enhancing our information security landscape. #J-18808-Ljbffr CRH
- ...and ensure compliance with regulations. This professional will assess business policies, manage risks related to information assets, and implement security measures. Candidates should have a bachelor’s degree in cybersecurity or a related field, with 5+ years of experience...
$115k - $135k
...key subject matter expert and advisor to Fujifilm business teams on... ...data mapping and inventory information, collaborating with Data Governance... ...Collaborate with information security team to ensure that security... ...) and privacy management or GRC platforms. Experience with...Remote workFlexible hours$57.69 - $64.9 per hour
...Qualifications Bachelor's degree in cybersecurity, information security, information assurance, or a related field, or an equivalent combination... .... One or more intermediate or advanced cybersecurity/GRC certifications such as CISSP, CISM, CISA, SecurityX, CCNP‑Security...Contract workTemporary work- ...versatile Governance, Risk, and Compliance (GRC) Cybersecurity Analyst to lead the... ...government regulations for the protection of information. The ideal candidate is a smart, humble... ..., and maintenance of enterprise-wide security policies, standards, and procedures.* Conduct...Hourly payContract work
$198k - $273k
Domain Consultant - Security Operations Transformation Domain Consultant - Security Operations... .... Proficient in English Additional Information The Team Our Domain Consultant team... ...Markets Staff Cyber Security Engineer - GRC (REMOTE) Atlanta, GA $85,000.00-$230,000...Full timeRemote work- ...responsible for strengthening Veritiv's security posture through both cybersecurity operations... ...to automate and streamline GRC and security operations processes (e.g.,... ...: Bachelor's Degree Preferred Certified Information Systems Security Professional (CISSP) -...Work experience placementWork at office
- ...Project/Unit Description GTRI created the Information and Cybersecurity Department (ICD) to... ...organization's cybersecurity posture and enable secure innovation and research. ICD operates a... ...The Governance, Risk, and Compliance (GRC) Team, which focuses on policy and standards...Contract workFor contractorsWork at officeLocal area
- ...(TPS) organization following enterprise information risk management policies and standards.... ...position will work closely with the Chief Security Officer and Senior Leadership and... ...Services operational functions, including GRC, Fraud, Cyber Operations, Cyber Protection...Full timePart timeWork experience placementShift workDay shift
- Cyber Security Tower Lead Location: Atlanta, GA (onsite) Duration: 6+ Month Experience/Role... ...antivirus solutions/systems, IAM/PAM & GRC. Must have 15+ years' experience in... ...Should supervise a team of very experienced information security staff consisting of full-time employees...Full timePart timeFor contractors
$69k - $101k
...higher. We do the right thing—today and for generations to come. Job Purpose and Impact ~ The Application Developer- SAP/GRC Security job maintains, integrates and implements software applications for SAP within the organization. With limited supervision, this...Work experience placement- ...company's readiness to comply with emerging laws, and implementation of best practices. This role will be involved in the overall Information Security Management (ISM) activities as they are developed, with the objective that the Data Privacy (DP) and ISM areas will support...Flexible hours
- ...resume along with your contact information to ****@*****.*** Role : Principal Cyber Security Engineer Location : Bellevue, WA... ...as act as a Principal security advisor to cross-functional teams for... ...Staff Cyber Security Engineer - GRC (REMOTE) Atlanta, GA $85,000.00...Long term contractContract workRemote work
- ...and supporting Payment Card Industry Data Security Standard (PCI DSS) compliance activities... ...Requirements BS/BA degree in Information Technology or related field of study Minimum... ...cybersecurity, PCI compliance, IT audit, GRC, technology risk management, information...
- ...investigations, intelligence collection, and extracting actionable information from intelligence sources. Conduct all‑source analysis of... ...with a PhD. 6-8 years' experience in payment card or information security industry, all‑source cyber intelligence organizations,...Work experience placementWork at officeLocal areaWeekend work
- ...Title: Cyber Security Analyst Location: Remote (U.S., New York Preferred) About Rhymetec: Rhymetec was founded in New York... ...of clients. ~ Draft supporting documents for clients’ information security management systems and information security policies....Work experience placementSummer workRemote work
$87.7k - $164k
...these qualities. Today’s world is fuelled by vast amounts of information. Data is more valuable than ever before. Protecting data and... ...is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950...Summer holidayLocal areaFlexible hours- Georgia Tech Research Institute (GTRI) is seeking a GRC Cybersecurity Analyst in Atlanta, GA. This role is focused... ...risk management and compliance to protect sensitive information. Responsibilities include monitoring security incidents, conducting risk assessments, and...
$140.6k - $186.36k
...Third‑Party Risk Management (TPRM) lead, security engineering teams, and other functions.... ...and risk management tooling, including GRC, IRM, or dedicated risk platforms. Working... ...following 90 days of employment. More information about benefits is available at rivianbenefits...Full timeContract workTemporary workPart timeLocal areaShift work- ...generations to come. Job Purpose and Impact ~ The Data Security Architect will drive the enterprise data protection strategy... ...experience. Bachelor’s degree in Computer science, Information Security, Engineering, or equivalent practical experience....Work experience placement
- Yochana in Atlanta, GA is seeking a Security Consultant (GRC, SOX, DB Controls) to lead security assessments and ensure SOX compliance across database-driven applications. The role emphasizes governance, architecture, and risk mitigation. Candidates should have experience...
- ...seeking an experienced Senior Security Architect for a staff... ...landscape. Serve as a strategic advisor to technology and business leadership... ...to safeguard sensitive information. Governance & Standards Champion... ..., Risk, and Compliance (GRC) capabilities Designing scalable...
- ...strategic Lead IT Enterprise Architect – Security to define, lead, and evolve the... ...Stakeholder Engagement Act as a trusted advisor to CIO, CISO, Honeywell Global Security... ...or Master’s degree in Computer Science, Information Security, or related field. 10+ years of...Temporary workMonday to FridayFlexible hours
$120k - $130k
Deluxe is seeking an Information Security Staff Risk Analyst in Atlanta, Georgia. The role involves leading cyber resiliency initiatives, overseeing documentation for the cyber risk management program, and collaborating across teams to enhance security protocols. Candidates...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Advisor, Information Security GRC. Be the first to apply!
- information security consultant Atlanta, GA
- remote cyber security analyst Atlanta, GA
- cyber security analyst Atlanta, GA
- information security internship Atlanta, GA
- entry level information security analyst Atlanta, GA
- information technology security engineer Atlanta, GA
- senior director information security Atlanta, GA
- information security compliance analyst Atlanta, GA
- information security analyst Atlanta, GA
- information security Atlanta, GA


