IT Manager Security Control & Compliance
Company: Allison Transmission
Location: Indianapolis
Posted on: April 2, 2026
|
|
|
Job Description:
JOIN THE TEAM THAT’S POWERING PROGRESS Building cities. Driving
commerce. Fueling Progress. For over 100 years, Allison has powered
the vehicles and technology that move our world forward. What
powers us? Our employees. From the first person hired by James
Allison in 1915 to the thousands across the globe who work for
Allison today, we're driving progress everywhere because we employ
top talent worldwide. In both the Allison Transmission and Allison
Off-Highway Drive and Motion Systems business units, our team
strives to Improve the Way the World Works. Learn more about this
role and how you can begin driving your career forward! Benefits:
The below list features some of the benefits currently available.
Eligibility may be subject to the terms and conditions of governing
documents and available benefits may be subject to change at the
company’s discretion. Choice of medical plans with prescription
coverage Employer HSA contribution Dental & Vision Insurance Paid
Parental Leave Short & Long-Term Disability Other voluntary
benefits including: Critical Illness, Hospital Indemnity, Identity
Theft Protection and Pet Insurance 401K with generous Company match
& contribution Accrued Paid Time Off 12 Paid Holidays 1 Floating
Holiday Robust employee wellness program Tuition assistance program
Job Description: Position Overview The Manager of Governance, Risk
& Compliance (GRC) will lead Allison Transmission’s enterprise GRC
function within the IT Security organization. This role is
responsible for developing, implementing, and overseeing governance
frameworks, risk management practices, and compliance programs that
safeguard the organization’s information assets while enabling
business objectives. The successful candidate will collaborate
across business units, external partners, and regulators to ensure
alignment with internal policies, contractual requirements, and
global standards. Key Responsibilities Governance: Oversee the
management and operations of the GRC program, ensuring processes
are efficient, scalable, and auditable. Liaison: Serve as the
primary liaison for business engagement on security governance
topics and drive external collaboration with auditors and
regulators. Risk Management: Define and manage the organization’s
risk appetite in alignment with executive leadership while
conducting enterprise risk assessments. · Framework Alignment:
Manage and coordinate internal and external audits for CMMC, NIS2,
TISAX, SOX, NIST, and ISO frameworks, ensuring full remediation of
findings. Policy & Personnel: Lead the development and maintenance
of security policies and oversee personnel security programs,
including access certifications and role-based controls. Training &
Culture: Design and deliver security training programs for all end
users and specialized IT functions to promote a strong culture of
security awareness. Cross-Functional Leadership: Partner with
Finance, Legal, and Engineering business lines to translate
technical risks into actionable business impacts. Promote a strong
culture of security awareness across the organization. Key
Performance Measures: Audit Readiness: 100% compliance with
scheduled external audits (CMMC, SOX, TISAX, ISO) with zero
"Critical" findings. Risk Mitigation: Reduction in the
organization’s residual risk profile through timely mitigation of
identified vulnerabilities. Training Completion: Achievement of
>95% completion rate for annual security and role-based training
programs. Framework Maturity: Measurable year-over-year improvement
in the maturity levels of the CMMC and NIS2 programs.
Qualifications: Strong understanding of IT governance, risk
management, and compliance frameworks. Expertise in policy
development, risk assessments, and audit management. Demonstrated
ability to partner with business leaders and translate technical
risks into business impacts. Strong communication, collaboration,
and leadership skills. Familiarity with the following regulatory
and industry standards/frameworks: o CMMC (Cybersecurity Maturity
Model Certification) o NIST SP 800-171 o NIS2 Directive o ISO/IEC
27001 Experience: Years of Experience: Minimum of 7–10 years of
progressive experience in IT Security, Governance, Risk, or
Compliance. Leadership: Proven track record of leading teams and
managing complex, multi-year security initiatives. Framework
Expertise: Deep expertise in CMMC, NIST SP 800-171, NIS2 Directive,
ISO/IEC 27001, TISAX, and SOX. Communication: Exceptional
communication and collaboration skills, with the ability to
influence stakeholders across different business lines. Strategic
Alignment: Demonstrated ability to partner with business leaders
and translate technical risks into business impacts. Scope Factors:
People: Directly manages the GRC team and oversees indirect
reports/contractors during audit cycles. Geography: Responsible for
global compliance across US Headquarters and international sites
(e.g., ensuring NIS2 and TISAX compliance in relevant regions).
Allison Transmission is an equal opportunity employer. We have
opportunities for all qualified applicants regardless of age, race,
color, sex, religion, creed, national origin, disability, sexual
orientation, gender identity/expression or veteran status. If you
are an individual with a disability or a disabled veteran requiring
assistance and/or reasonable accommodations reviewing any of the
careers information, please contact us at
atiask4max@service-now.com . Please note that Allison Transmission
will make an offer of employment only to individuals who have
applied for a position using our official application. Be on alert
for possible fraudulent offers of employment. Allison Transmission
will not solicit money or banking information from applicants.
Keywords: Allison Transmission, Lafayette , IT Manager Security Control & Compliance, IT / Software / Systems , Indianapolis, Indiana
