Governance Risk and Compliance Sr. Manager

We are seeking a highly skilled Global IT Governance Risk and Compliance Sr.

Manager to join our IT team at our Assumption, IL facility.

The ideal candidate will ensure that GPT's IT systems and processes meet legal, regulatory, and internal policy requirements through risk assessments, audits, documentation, policy development, and employee training.

They will serve as a bridge between departments—aligning data protection controls with operations, supporting regulator interaction, and leading privacy and cybersecurity compliance functions.

They will manage data privacy initiatives from zero to full compliance, bringing together stakeholders, securing management buy ‑ in, and delivering GDPR and global privacy programs.

They will proactively identify and mitigate privacy and security risks and vulnerabilities, strengthen organizational resilience, and build trust with customers, employees, and partners.

Your Impact

GDPR or Similar Program and Project Management


* Plan, coordinate, and implement GDPR projects including risk assessments, data mapping, DPIAs, and impact analysis.


* Lead cross-functional initiatives to ensure compliance with global privacy laws (GDPR, LGPD, CCPA, etc.).

Regulatory Cyber compliance


* Plan, coordinate, and implement NIS2, NIST and other Cyber compliance projects.


* Work with vCISO and other outsourcing partners in the Cyber space to ensure compliance with different local legislation and standards.

IT Governance, Policies & Controls


* Develop, maintain, and continuously improve IT compliance policies, procedures, guidelines, and internal controls to support effective governance.


* Develop and maintain comprehensive IT compliance frameworks aligned with GDPR, ISO27001, NIST, NIS2, and SOX as applicable for the size of the organization.


* Implement and monitor security and privacy controls - including access management, encryption, logging, and data protection measures.


* Monitor regulatory changes and ensure compliance with new requirements.


* Ensure ‘secure by design' principles are applied across systems and projects.


* Support accurate maintenance of the IT asset inventory and compliance-related asset processes.

Audit & Reporting


* Lead internal and external IT audits, regulatory reviews, and risk assessments.


* Produce compliance reports covering status, risk performance, KPIs, and audit findings.


* Build and maintain dashboards to track compliance obligations and remediation efforts.


* Act as point of contact with authorities and external auditors during reviews or investigations.

[MB1]

Training & Awareness


* Ensure training plans and initiatives are sufficient for staff on compliance requirements, privacy principles, and IT policies to all staff levels.


* Develop ongoing awareness programs to embed a culture of compliance.

IT Risk management


* Building IT risk management for the organization, defining roles and resp...