Cybersecurity Compliance Manager Job at Gentex Corp. in Carbondale
Gentex Corp., Carbondale, PA, United States, 18407
At Gentex Corporation, we’ve created an environment where great ideas and great people can thrive. Leveraging a history that spans over 130 years, Gentex is a global leader in personal protection and situational awareness solutions for defense forces, emergency responders, and industrial personnel operating in high performance environments. Join our multinational team of exceptional and dedicated employees around the world and work on challenging and rewarding projects, grow your skills, and advance your career all while making a positive difference in the lives of our customers. Together, you and Gentex can build a career that’s uniquely yours.
About the Job:
The Cybersecurity Compliance Manager plays a critical role ensuring that our organization adheres to regulatory, contractual, and DoD cybersecurity requirements. This role is particularly important because of our handling of sensitive data, Controlled Unclassified Information (CUI), and our required adherence to a CMMC 2.0 framework.
Gentex offers a robust benefit package including, but not limited to, medical/dental coverages, 401k, paid time off and excellent work schedules including a 9/80 work week.
Essential Functions:
- Ensure adherence to frameworks like CMMC and NIST.
- Create and enforce cybersecurity policies and procedures.
- Identify, assess, and mitigate cybersecurity risks.
- Prepare for and manage internal and external audits.
- Maintain SSPs, POA&Ms, IRPs, and other compliance-related documents.
- Collaborate on incident response and ensure regulatory reporting.
- Educate employees on compliance requirements and best practices.
- Work with internal and external stakeholders to address compliance concerns.
- Monitor compliance posture and update controls as needed.
- Provide strategic guidance and lead compliance initiatives.
Qualifications:
- Certifications: CISSP, CISM, or CCP.
- Minimum 5–10 years of experience in cybersecurity, IT governance, risk management, or compliance.
- Minimum 3–5 years of direct experience in managing compliance programs or audits.
- Experience in industries with strict regulatory requirements, such as defense contracting, healthcare, finance, or government.
- Familiarity with handling Controlled Unclassified Information (CUI) or other sensitive data is often required for roles tied to CMMC 2.0 compliance.
Knowledge, Skills & Abilities:
- Understanding of cybersecurity principles, including:
  - Access control and identity management.
  - Network security and segmentation.
  - Data encryption (at rest and in transit).
  - Vulnerability management and patching.
  - Incident response and disaster recovery.
- Experience with tools and technologies used in cybersecurity, such as:
  - SIEM (e.g., Splunk, Microsoft Sentinel) for monitoring and logging.
  - Vulnerability Scanners (e.g., Tenable Nessus, Qualys).
  - Endpoint Detection and Response (EDR) tools (e.g., CrowdStrike, Microsoft Defender for Endpoint).
  - Privileged Access Management (PAM) tools (e.g., PAM360, CyberArk).
  - Configuration Management tools (e.g., Ansible, Puppet, Chef).
- Familiarity with IT systems, including:
  - Networking concepts (firewalls, VPNs, VLANs, IDS/IPS).
- Experience implementing and managing compliance with:
  - CMMC 2.0 (Cybersecurity Maturity Model Certification).
  - NIST SP 800-171 (Protecting Controlled Unclassified Information).
  - ISO 27001 (Information Security Management Systems).
  - GDPR (General Data Protection Regulation).
  - HIPAA (Health Insurance Portability and Accountability Act).
- Experience preparing for and managing internal and external audits, including:
  - Conducting gap analyses to identify compliance deficiencies.
  - Developing and maintaining System Security Plans (SSPs) and Plan of Action and Milestones (POA&M).
  - Working with third-party assessors (e.g., C3PAOs for CMMC certification).
Leadership and Team Management:
- Experience leading cross-functional teams, including IT, security, legal, and HR.
- Ability to manage compliance projects, including timelines, budgets, and resources.
- Experience mentoring and training team members on compliance requirements.
- Ability to communicate complex cybersecurity and compliance concepts to non-technical stakeholders, including executives and board members.
- Experience preparing compliance reports and presentations for leadership.
- Strong writing skills for creating policies, procedures, and documentation.
- Experience working with external stakeholders, such as auditors, regulators, and clients.
- Ability to collaborate across departments to ensure compliance is integrated into all business processes.
- Strong analytical and problem-solving skills to address compliance gaps and security risks.
- Ability to adapt to changing regulatory requirements and business needs.
To Apply:
https://www.gentexcorp.com/careers/
Location:
Gentex’s Carbondale facility is located in Northeastern Pennsylvania in Lackawanna County. Carbondale, PA is about twenty miles north of Scranton, PA, 50 miles south of Binghamton, NY, and about 125 miles from New York City and Philadelphia. The area hosts numerous nearby state parks, nature preserves and local colleges and universities, including The University of Scranton and Marywood University. Northeast Pennsylvania is a beautiful area and offers an excellent cost of living. It is a great place to work, meet people, raise a family and live!
Equal Opportunity Employer: Gentex Corporation is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard for any applicable state or federal protected class. Gentex is an E-Verify Participant. Pre-employment drug/alcohol/background screening is required.
Note: This description contains the essential duties and responsibilities of the role. It is not an exhaustive list of all duties, responsibilities, or qualifications associated with the job.