Wind River
Wind River is hiring: Senior Cybersecurity Risk & Compliance Associate in Cupert
Wind River, Cupertino, CA, US, 95014
Senior Cybersecurity Risk & Compliance Associate
About Wind River
Wind River is a global leader in delivering software for mission‑critical intelligent systems. For more than four decades the company has powered billions of secure and reliable systems across automotive, aerospace, defense, industrial, medical, and telecommunications industries. Wind River’s solutions enable NASA missions, 5G networks, and many other high‑impact technologies, while continually advancing to meet the highest standards of security, safety, and reliability.
About the Opportunity
We are hiring a professional to support and help lead the Wind River Risk & Compliance function, with a primary focus on maintaining ISO 27001 certification and supporting obligations on NIST 800‑171. The right candidate will bring structure to our Governance, Risk, and Compliance (GRC) processes, stabilize the function, and help it scale.
Key Responsibilities
Contribute to all ISO 27001 activities, including internal audit readiness, external recertification, and ongoing control maintenance.
Support NIST 800‑171 compliance efforts, maintaining System Security Plans, Plan of Action and Milestones, and gap assessments.
Assist in engagement with government compliance stakeholders and maintain awareness of forthcoming regulatory requirements (GDPR, NIST CSF, CMMC, TISAX, ITAR, AI regulations, etc.).
Maintain the Wind River Risk Register and track mitigation progress across all functional areas.
Coordinate the Security Exception process, ensuring proper documentation, approvals, and governance.
Write and update policies and standards, providing governance, oversight, and assurance.
Administer GRC/TPRM tooling (ZenGRC) and ensure evidence management and workflows are audit‑ready; familiarity with ServiceNow or AuditBoard is a plus.
Prepare audit documentation and assist with responses for internal and external audits.
Draft and maintain clear, consistent, audit‑ready documentation for policies, control responses, and program updates.
Support customer assurance efforts related to ISO, NIST, and general cyber compliance.
Lead internal audits and assessments against Wind River.
Help implement scalable, repeatable governance processes for policy and standard creation and lifecycle management.
Assist in developing compliance procedures, checklists, and review frameworks.
Support workflows for User Access Reviews (UAR), TPRM, and continuous monitoring.
Collaborate cross‑functionally with Cybersecurity, IT, Legal, HR, and Engineering teams across multiple organizations and locations.
Support communication and coordination with external auditors and internal stakeholders, including the Primary Security Officer and company leadership.
Support Cybersecurity Training at Wind River.
Required Qualifications
5+ years of experience in cybersecurity, compliance, or GRC.
Familiarity with ISO 27001, NIST 800‑171, and enterprise GRC operations.
Strong writing skills; experience contributing to System Security Plans and Plan of Action and Milestones.
Working knowledge of ZenGRC or similar tools.
Demonstrated ability to collaborate across matrixed teams.
Experience with customer audit responses and regulatory compliance.
U.S. citizenship required due to regulatory requirements.
Local residency in Alameda, CA or Boston, MA, or willingness to relocate and be on site three days per week.
Preferred Qualifications
Experience supporting government‑mandated compliance frameworks.
Involvement in ISO 27001 recertification or similar standards.
Experience with third‑party risk tools (e.g., BlueVoyant, BitSight).
Familiarity with Wind River or embedded systems companies is a plus.
Why This Role Matters
Wind River’s ability to operate in national security and critical infrastructure markets depends on strong cybersecurity governance. This role helps maintain certifications, fulfill regulatory and contractual obligations, and support stakeholders with confidence, positioning the function for long‑term stability.
Compensation
The annual base salary range for this role is $100,000 to $130,000 for SF Bay Area residents (plus bonus) and $110,000 to $140,000 for Boston, MA residents (plus bonus). Salary is determined through interviews and a review of the applicant’s education, experience, knowledge, skills, location, and abilities.
Benefits
Hybrid work model for workplace flexibility
Comprehensive health, dental, and life insurance
Short and long‑term disability coverage
RRSP matching for financial security
Flexible time‑off policies for work‑life balance
Employee assistance program for mental well‑being
Learning benefits, including a LinkedIn Learning subscription and seminars
Applicant Privacy Notice
Your privacy is of the utmost importance to us. Wind River strictly adheres to all applicable data privacy laws. Please review Wind River’s Applicant Privacy Notice.
Equal Opportunity Employer
Wind River is an Equal Opportunity Employer committed to diversity. We prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation, or any other legally protected status.
Security Clearance Requirements
Successful candidates must engage in a security clearance process in regard to their citizenship in order to perform fundamental job duties, as per applicable law. The clearance process may take a significant amount of time to complete, and any offer of employment will be contingent on the candidate’s legal ability to perform the fundamental job duties. Wind River is committed to meeting its obligations to candidates under applicable human rights law and privacy law in this regard.