It Specialist - Cybersecurity Governance

Job Responsibilities
This position will have responsibilities and accountabilities that will impact Eaton's cybersecurity for both internal/IT operations as well as customer-facing offerings and will report to the Director of Cybersecurity Governance within the Office of the CISO. Key responsibilities, Qualifications and Experience as follows:

== Key Responsibilities ==

Policy Development & Lifecycle Management
Overhaul and rewrite the company's IT security and compliance policies to address gaps, inconsistencies, and outdated content.
Define and implement a policy lifecycle management process, including drafting, review, approval, communication, periodic review, and retirement.
Integrate and align policies and standards with established or identified frameworks, ensuring traceability to applicable compliance requirements (e.g., SOC2, SOX, PCI DSS, CMMC, NERC CIP, HIPAA, ISO/IEC 27001, NIST CSF, etc.).

* Collaboration & Stakeholder Engagement
Partner with senior leaders, enterprise architects, control owners, and audit teams to develop policy language that is achievable, measurable, and aligned with business realities.
Collaborate with architects, process owners, and subject matter experts to implement standards that meet policy requirements.
Facilitate workshops, requirements elicitation sessions, and cross-functional reviews to build consensus and drive adoption.
Act as a trusted advisor on emerging regulatory requirements, controls, and best practices.
Partner with Risk, Compliance, Organizational Change Management, and Communications teams to foster cohesive governance policies and successful implementations of new or changed policy.

Audit & Compliance Alignment
Ensure policies are mapped to control frameworks and audit criteria, enabling demonstrable compliance during internal and external audits.
Support evidence preparation and auditor discussions by ensuring policies are clear, consistently applied, and well-documented.

Thought Leadership & Best Practices
Independently research new topics and requirements and introduce these to the business in a manner that is relevant and understandable to varying stakeholders.
Monitor regulatory, legal, and industry trends to ensure policies remain current.
Champion best practices in Governance, Risk, and Compliance, including harmonizing policies with risk management and business continuity programs.
Mentor and coach colleagues on effective policy writing and governance approaches.
Lead continuous improvement and look for ways to leverage new capabilities such as AI and automation.
Identify new or innovative ways to ensure awareness and acknowledgment of policies and standards

Qualifications:

Basic Qualifications (Must Haves):

• Bachelors' degree from an accredited
• Minimum of at least (10) ten years of progressive experience in information security, IT risk, compliance, or governance, with at least (5) five years in a senior-level or lead role.
• Demonstrated success in developing, implementing, and maintaining IT/security policies and standards in a regulated enterprise environment.
• Experience managing compliance with multiple frameworks (SOC 2, SOX, PCI DSS, CMMC, NERC, HIPAA, ISO 27001, NIST CSF, FedRAMP, etc.)
• Experience as an external auditor with an auditing or consulting firm.
• Must be authorized to work in the United States without company sponsorship now or in the future

Preferred Qualifcations:

• Master's Degree
• Security & Compliance Frameworks Examples: SOC 2, SOX, PCI DSS, HIPAA, NERC CIP, CMMC, FedRAMP, ISO/IEC 27001, NIST CSF, and NIST SP 800-53.
• Policy Development Knowledge of effective policy architecture, version control, lifecycle management, and traceability to compliance requirements.
• Risk & Control Mapping Ability to align policies with control objectives across multiple frameworks, harmonizing overlapping requirements.
• Audit Readiness Familiarity with internal and external audit processes, evidence mapping, and remediation tracking.
• IT Security Domains Core understanding of access control, encryption, network security, incident response, vulnerability management, disaster recovery, and cloud security governance.
• Regulatory Awareness Up-to-date knowledge of evolving regulations impacting global enterprises (e.g., GDPR, U.S. state privacy laws, DORA, AI Act).
• Tooling & Automation (preferred) Experience with GRC platforms (e.g., Archer, ServiceNow GRC, OneTrust), audit management tools, and collaboration systems (e.g., Confluence, SharePoint, Teams).

Skills:

== Skills & Competencies ==

Exceptional written communication skills, capable of translating technical concepts into policy language accessible to diverse stakeholders.
Proven ability to lead through change, drive consensus, and gain buy-in across business and technical leadership.
Strong facilitation and requirements elicitation skills.
Familiarity with audit processes and ability to prepare organizations for successful external reviews.
Strategic thinker with the ability to balance compliance obligations with business practicality.

Soft skills

Beyond technical expertise, this role demands a highly skilled communicator and change leader who can engage executives, technical teams, and auditors alike. The candidate must be able to translate complex requirements into accessible guidance, drive consensus in diverse stakeholder groups, and foster a culture of accountability and compliance across the organization.

Strategic Communication - Exceptional written and verbal communication skills; ability to create policy documents that are clear, concise, and persuasive.
Influence and Consensus-Building - Proven ability to engage with executives, process owners, and technical staff to gain buy-in and alignment.
Leadership Through Change - Comfortable leading policy overhauls and compliance initiatives in environments with competing priorities and organizational resistance.
Facilitation and Negotiation - Skilled at running workshops, eliciting requirements, and resolving conflicts constructively.
Executive Presence - Ability to brief and advise senior leadership, boards, and audit committees with confidence and credibility.
Analytical and Critical Thinking - Strong ability to assess risks, interpret complex regulations, and recommend pragmatic solutions.
Collaboration and Teamwork - Adept at working cross-functionally with IT, legal, HR, and operations teams in a global enterprise context.
Cultural Awareness - Sensitivity to diverse teams and regulatory environments across global regions.

The application window for this position is anticipated to close on 23-MAR-26

We are committed to ensuring equal employment opportunities for all job applicants and employees. Employment decisions are based upon job-related reasons regardless of an applicant's race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, marital status, genetic information, protected veteran status, or any other status protected by law.

Eaton believes in second chance employment. Qualified applicants with arrest or conviction history will be considered regardless of their arrest or conviction history, consistent with the Los Angeles County Fair Chance Ordinance, the California Fair Chance Act and other local laws.

You do not need to disclose your conviction history or participate in a background check until a conditional job offer is made to you. After making a conditional offer and running a background check, if Eaton is concerned about conviction that is directly related to the job, you will be given the chance to explain the circumstances surrounding the conviction, provide mitigating evidence, or challenge the accuracy of the background report.

To request a disability-related reasonable accommodation to assist you in your job search, application, or interview process, please call us at 1-800-836-6345 to discuss your specific need. Only accommodation requests will be accepted by this phone number.

We know that good benefit programs are important to employees and their families. Eaton provides various Health and Welfare benefits as well as Retirement benefits, and several programs that provide for paid and unpaid time away from work. Click here for more detail: Eaton Benefits Overview. Please note that specific programs and options available to an employee may depend on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

Client-provided location(s): Houston, TX

Job ID: Eaton-60833Houston

Employment Type: OTHER

Posted: 2026-03-18T18:45:23