At AAM, the POWER is in our people. We believe that an equitable and inclusive workplace benefits everyone and that the diversity of our Associates drives creativity and innovation. Our global team of associates is made of dreamers, doers and innovators who are Bringing the Future Faster by Delivering POWER for a safer, brighter and more sustainable tomorrow.
As a member of #TeamAAM, you'll get to make a difference on day one. You'll have the opportunity to grow, embrace challenges, build your skills and bring your authentic self to work every day, all while helping to shape the future of mobility for AAM...and the world.
Job Posting Title
Manager, Information Security - Governance, Risk and Compliance (GRC)
Job Description Summary
To ensure the protection of our critical assets including the confidentiality, integrity, and availability of our systems.
We are seeking an experienced leader in cyber risk and governance who has worked for a large global manufacturing organization. This position will report to the Chief Information Security Officer (CISO) and support the Information Security team, providing leadership and administration over risk management (including third parties), compliance and security awareness.
Job Description
- Enhance and maintain the third-party risk management program to ensure proper vetting and due diligence of third-party suppliers
- Engage with external vendors, suppliers, and customers to regularly assess their cybersecurity practices and ensure compliance with contractual requirements
- Monitor, analyze, and track requests for policy exceptions and support the assessment and qualification of risks associated with deviations
- Maintain an Information Security risk register and work with stakeholders to develop Corrective Action Plans to address risks
- Coordinate and report on the overall compliance to designated security frameworks and customer requirements such as TISAX, NIST CSF, CIS CSC, ISO 27001
- Work with IT and business stakeholders to perform ongoing reviews in line with security policies and information security regulations (SOX) and ensure effectiveness of IT General Controls (ITGC) and application controls related to IT compliance
- Manage cybersecurity awareness and training programs to educate employees on best practices and promote a cyber-aware culture
- Maintain cybersecurity policies, procedures, and standards in accordance with regulatory requirements and industry best practices
Required Skills and Education
- 5+ years of experience working in a regulated space, with responsibilities relating to governance, risk and compliance, preferably in the automotive industry
- Bachelor's degree in business, computer science, engineering, information security, or related degree
- Strong understanding of cybersecurity principles, risk management methodologies, and industry standards such as NIST Cybersecurity Frameworks, ISO 27001, TISAX and SOC 2 audit compliance
- Broad experience in SOX and privacy regulation audit/assessment
- Excellent communication and interpersonal skills to collaborate with cross-functional teams, present findings to management, and liaise with external stakeholders
- Ability to adapt to a fast-paced and dynamic environment and manage multiple priorities effectively
- Relevant certifications such as CISSP, CISM, CRISC, or other industry-recognized certifications are highly desirable

About American Axle & Manufacturing
As a leading global Tier 1 Automotive and Mobility Supplier, AAM (NYSE: AXL) designs, engineers and manufactures Driveline and Metal Forming technologies to support electric, hybrid and internal combustion vehicles. Headquartered in Detroit with nearly 85 facilities in 18 countries, AAM is bringing the future faster for a safer and more sustainable future. We work together to support our customers on global and regional platforms with a focus on quality,