IT Governance & Risk Management Manager
Cranberry Township, US
Are you interested in being part of an innovative team that supports Westinghouse’s mission to provide clean energy solutions? At Westinghouse, we recognize that our employees are our most valuable asset and we seek to identify, attract and recruit the most qualified talent while recognizing and encouraging the value of diversity in the global workplace.
As an IT Governance & Risk Management Manager, you will lead the identification, assessment, and management of cybersecurity risk according to our goals, operational priorities, and regulatory obligations. You will oversee the execution and continuous improvement of our cybersecurity governance, risk, compliance, and security awareness programs. The role evaluates risks, prioritizes them, and reduces them to acceptable levels through controls and informed decision-making. As a people and program leader, the manager provides direction, prioritization, and oversight of day‑to‑day GRC services while delivering clear risk reporting and assurance to senior leadership. The role partners with IT, Privacy, Legal, Audit, Global Supply Chain, and other partners to ensure risk‑based outcomes and sustained maturity of the cybersecurity risk management program.
You will report to the Chief Information Security Officer and be located at Cranberry Township, PA. This is a hybrid role with 2 days remote.
Key Responsibilities:
- Lead a cybersecurity GRC team, providing direction, coaching, performance feedback, and development opportunities while ensuring delivery of governance, risk, compliance, and security awareness services.
- Oversee the daily processes of GRC and security awareness services, ensuring the team or service providers plan, prioritize, and complete operational tasks.
- Ensure consistent application of cybersecurity policies, standards, and frameworks, validating that requirements are understood, implemented, and operationalized across the organization.
- Provide governance and decision support to partners, being the primary contact for cybersecurity risk, policy, and compliance questions across IT, Legal, Privacy, Procurement, Audit, and business teams.
- Manage third-party and customer-facing cybersecurity activities.
- Improve GRC processes and services, identifying opportunities to refine workflows, enhance tooling, improve service delivery, and mature organizational risk management capabilities.
- Manage program outcomes and metrics, including cyber risk reporting, compliance posture, audit readiness, and security awareness effectiveness; translate operational results into clear, executive-level insights.
Qualifications:
- Bachelor's degree in Information Security, Information Technology, Risk Management, or a related field, or equivalent professional experience.
- 4+ years of progressive experience in cybersecurity, IT risk management, compliance, or governance-related roles.
- Knowledge of cybersecurity principles, technologies, and controls, including threat and vulnerability management, incident response, and security awareness.
- An understanding of our needs and delivering high-quality, prompt and efficient service to the business.
- An understanding of organizational mission and goals, and application of this knowledge.
- Knowledge of methodologies and best practices in conducting risk assessments, implementing risk mitigation strategies, and monitoring risk management effectiveness.
- Work with other cybersecurity teams, such as Threat and Vulnerability, to help prioritize systems that need remediation or containment.
- Engage, identify and assess cybersecurity risks and develop appropriate risk mitigation strategies.
- Oversee programs and personnel.
- Lead teams in multiple projects.
We are committed to transparency and equity in all of our people practices. The base salary range for this position, which is dependent upon experience, qualifications and skills, is estimated to be $130,400 to $163,000 per year.
Why Westinghouse?
Our benefits package is tailored to meet the diverse needs of our employees, while also promoting wellness and career growth. The following are representative of what we offer:
- Comprehensive Medical benefits which could include medical, dental, vision, prescription coverage and Health Savings Account (HSA) with employer contribution options
- Wellness Programs designed to support employees in maintaining their health and well-being including Employee Assistance Program providing support for our employees and their household members
- 401(k) with Company Match Contributions to support employees' retirement
- Paid Vacations and Company Holidays
- Opportunities for Flexible Work Arrangements to promote work-life balance
- Educational Reimbursement and Comprehensive Career Programs to help employees grow in their careers
- Global Recognition and Service Programs to celebrate employee accomplishments and service
- Employee Referral Program
Westinghouse Electric Company is the global nuclear energy industry's first choice for safe, clean, and efficient energy solutions. We enable our delivery of this vision by living our value system:
- Safety and Quality
- Integrity and Trust
- Customer Focus and Innovation
- Speed and Passion to Win
- Teamwork and Accountability
While our Global Headquarters are located in Cranberry Township, PA, we have over 11,000 employees working at locations in 19 different countries. You can learn more by visiting http://www.westinghousenuclear.com.
Westinghouse is an Equal Opportunity Employer including Veterans and Individuals with Disabilities