GRC and Application Security Manager
We’re seeking a forward-thinking Manager, GRC, Security Awareness & Application Security to join our Global Information Security team. This role leads an integrated program that embeds governance, risk management, security awareness, and application security into daily business and development practices.

What You’ll Do

- Lead the North America GRC program aligned to global frameworks and enterprise risk appetite
- Develop and operationalize security policies, standards, and GRC workflows
- Design and deliver data-driven, behavior-based security awareness programs
- Partner with engineering teams to embed secure-by-design and DevSecOps practices into SDLC and CI/CD pipelines
- Oversee third-party and vendor security risk management
- Advance application security through SAST, DAST, and SCA implementation
- Build dashboards and KRIs to communicate risk, awareness effectiveness, and AppSec maturity to leadership
- Support audits and compliance efforts across GxP, HIPAA, and data protection frameworks

What You Bring

- 7+ years of cybersecurity experience across GRC, security awareness, and application security
- Strong knowledge of NIST CSF, ISO 27001, secure SDLC, and DevSecOps
- Experience in regulated environments (pharma, biotech, healthcare, or manufacturing)
- Hands-on experience with AppSec tooling (SAST, DAST, SCA) and vendor risk management
- Bachelor’s degree required; relevant certifications (CISSP, CRISC, CISM, CSSLP) preferred
- Familiarity with cloud and identity security (AWS/Azure/GCP, IAM, Zero Trust)

