Back to All Jobs
Wickliffe, OH, US
3 days ago
IT Risk Management and Compliance Specialist

Job type: Full-time

Type of role: Hybrid 

About Lubrizol  
The Lubrizol Corporation, a Berkshire Hathaway company, is a specialty chemical company whose science delivers sustainable solutions to advance mobility, improve wellbeing and enhance modern life. Founded in 1928, Lubrizol owns and operates more than 100 manufacturing facilities, sales, and technical offices around the world and has about 8,000 employees. For more information, visit www.Lubrizol.com.

We value diversity in professional backgrounds and life experiences. By enabling a consistent, unbiased, and transparent recruitment process, Lubrizol seeks to create a positive experience for candidates so we can get to know them at their best. We recognize unique work and life situations and offer flexibility, ensuring our employees feel engaged and fulfilled in every aspect of life.   

 

Join Our Thriving Team at Lubrizol as an IT Risk Management and Compliance Specialist 

Unleash Your Potential. At Lubrizol, we're transforming the chemical industry and looking for exceptional talent to join us on this journey. If you are ready to join an international company with talent around the world and want to make a real impact, we want you on our team.

 

What You'll Do:  

As an IT Risk Management and Compliance Specialist, you'll be at the forefront of our innovation, utilizing the governance, risk and compliance programs of the company's global Information Security program. You'll collaborate with a diverse group of passionate individuals to deliver sustainable solutions to advance mobility, improve wellbeing and enhance modern life.

This role involves actively identifying and facilitating the elimination or mitigation of risks throughout the global environment, both internally and externally. You’ll partner with technical teams to advise on applicable control requirements and potential solutions, ensuring that third-party relationships are managed effectively and securely.

In addition to Third Party Risk Management, you’ll also be involved in internal auditing activities. You will participate in measuring and reporting compliance with IT policies and standards, conducting audits to assess the effectiveness and efficiency of risk management processes. This includes evaluating internal controls, identifying areas for improvement, and recommending and implementing enhancements to the program.

The IT Risk Management and Compliance Specialist plays a critical role in ensuring the global impact and importance of Lubrizol's Information Security program by managing third-party risks, conducting internal audits, and responding to external requests

 

Execute the IT Risk Management processes to identify, assess, evaluate, and treat risks, ensuring the global impact and importance of Lubrizol's Information Security program. Recommend and implement Risk Management Program process improvements to enhance the effectiveness and efficiency of risk management practices. Conduct technology and operational risk and compliance assessments to identify potential risks and ensure compliance with internal policies and external regulations. Partner with technical teams, advising on applicable control requirements and proposing potential solutions to address identified risks, fostering a secure and compliant environment. Conduct compliance assessments of controls for in-scope systems, including remediation assessments and audit-readiness assessments, to ensure adherence to IT policies and standards. Identify control deficiencies and maintain records of deficiency details, including management response documentation and evidence of exposure checks, to track and address areas for improvement. Collaborate on the 3rd Party Risk Management program, managing and mitigating risks associated with third-party relationships. Maintain and improve the Information Security Policy Set, ensuring that policies are up to date, aligned with industry best practices, and effectively communicated to employees. Provide insight and recommendations to leadership as part of a global information security team, contributing to continuous improvement efforts. Perform other information security activities as needed to support the overall objectives of the Information Security program at Lubrizol

 

Skills That Make a Difference: 

Bachelor's degree in Information Technology (IT), Information Security or a related field, providing a strong foundation in IT and Information Security principles and practices. Preferred certifications include CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor). Minimum of 1 year of relevant industry and professional experience in areas such as risk management, audit, third-party risk, operational risk, information security, or related fields. Knowledge of third-party risk management, including the ability to assess and manage risks associated with external vendors and partners. Experience with IT risk assessments and operational processes is also valuable, as well as familiarity with techniques for implementing regulatory requirements. Understanding of security domains, including identity and access management, authentication, encryption, application security, network security, vulnerability and patch management, information security metrics, policies, standards, and procedures. Knowledge of ISO and NIST security standards, which are widely recognized frameworks for information security management. Knowledge of CIS (Center for Internet Security) benchmarks and controls is preferred. Proficiency in Microsoft Windows-based operating systems and collaboration tools, enabling effective communication and collaboration within the organization. Demonstrated understanding of risk management processes, including the ability to identify, assess, evaluate, and treat risks in a systematic and structured manner. Knowledge of basic IT security principles, networking concepts, active directory, and SAP ECC/S4 concepts. Familiarity with risk management frameworks, such as ISO 31000 or COSO ERM, providing a structured approach to managing risks and ensuring compliance with industry standards. Experience in documenting issues and solutions to assist end users and co-workers in understanding and resolving similar problems, promoting knowledge sharing and collaboration within the organization. Strong analytical and problem-solving skills, enabling the ability to analyze complex information, identify patterns, and make informed decisions to mitigate risks. Knowledge of regulatory compliance requirements, such as GDPR, HIPAA, or SOX, depending on the industry and region of operation. Familiarity with data privacy and protection principles, including data classification, data retention, and data breach response. Understanding of incident response and business continuity planning, including the ability to develop and test incident response plans. Knowledge of cloud computing security principles and best practices, including familiarity with cloud service provider security frameworks (e.g., AWS, Azure, Google Cloud). Strong project management skills, including the ability to manage multiple projects simultaneously, prioritize tasks, and meet deadlines. Excellent communication and presentation skills, with the ability to effectively communicate complex technical concepts to both technical and non-technical stakeholders. Continuous learning mindset, staying updated with the latest trends, technologies, and regulatory changes in the field of IT risk management and compliance

 

Perks and Rewards That Inspire:

Competitive salary with performance-based bonus plans  401K Match plus Age Weighted Defined Contribution  Competitive medical, dental & vision offerings  Health Savings Account  Paid Holidays, Vacation, Parental Leave  Flexible work environment 

 

Learn more at benefits.lubrizol.com!

 

 

Ready for your next career step? Apply today and let's shape the future together! 

It’s an exciting time to be part of Lubrizol. Lubrizol is not staying put. We are continually learning and evolving. Our passion delivers our success — not only for Lubrizol but for those who count on us every day: our employees, customers and communities. 

We work with a relentless commitment to operate safely and responsibly, keeping safety, sustainability, ethics, and compliance at the forefront of everything we do. The well-being of our employees, customers and communities is paramount to our culture and in the way we approach our work.

As a diverse, global team, we work together to solve some of the world’s most pressing challenges. We impact everyday lives through science only Lubrizol can deliver, and we never stop pushing to do it better.

One of the founding principles of The Lubrizol Corporation more than 90 years ago was treating every employee with dignity and respect. That same commitment is only stronger today. 

More than that, we are committed to providing an environment where every employee can be the best they can be, no matter their race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veteran status or any other characteristic.

#LI-JM1 #LBZUS #LI-Hybrid  

Show More
Save & Apply Later Applying Later... Click to ApplyI AppliedDidn't Apply
Confirm your E-mail: Send Email
Apply for this job
Next Job »
All Jobs from Lubrizol
24 Lubrizol jobs in Wickliffe, OH 80 Lubrizol jobs in US
Next Job »
Search Jobs Lubrizol Apply Later
Processing Unique Jobs for You: