Senior Information Security Risk and Compliance Specialist

PPG Industries, Inc
United States, Pennsylvania, Pittsburgh
One PPG Place
Apr 28, 2026

PPG is looking for a Senior Information Security Risk and Compliance Specialist to join the team! In this role, you will support the identification, evaluation, treatment, and reporting of information security risks in alignment with business objectives, regulatory requirements, and industry frameworks such as NIST Cybersecurity Framework (CSF), NIST 800-53, ISO 27001, and internal security standards. You will also assist in areas such as governance, control assurance, policy compliance, third-party risk assessments, and remediation tracking. This is a hybrid role at our Pittsburgh, PA office.

Key Responsibilities

  • Participate in global IT risk management, cybersecurity compliance, and governance projects from planning through execution, reporting, and remediation tracking.
  • Perform information security risk assessments for applications, infrastructure, cloud solutions, and business initiatives.
  • Support control testing and compliance assessments against frameworks such as NIST CSF, NIST 800-53, ISO 27001, and internal policies.
  • Assist with third-party / vendor cybersecurity risk assessments during onboarding and periodic reviews.
  • Evaluate vendors based on security questionnaires, penetration testing results, and contractual security requirements.
  • Collaborate with business and IT teams to mitigate identified risks through practical and achievable action plans.
  • Review work papers, planning documents, audit reports, and technical evidence to ensure accurate identification of risks and issues.
  • Communicate findings in a timely manner and partner with control owners to develop remediation plans.
  • Assist with security governance committees, metrics reporting, and risk dashboards.
  • Develop and document risks for critical systems, crown jewel assets, cloud environments, and key business processes.
  • Review IT processes for control weaknesses and non-compliance issues and initiate corrective actions.
  • Provide support for Disaster Recovery, Business Continuity, and operational resilience planning.
  • Assist in tabletop exercises, incident response governance, and lessons learned remediation tracking.
  • Assist with identity and access governance reviews including privileged access, segregation of duties, and user recertifications.
  • Develop methods to monitor and measure risk, compliance, and assurance efforts using metrics and KPIs.
  • Interpret and apply applicable laws, regulations, and industry requirements into security controls and policy requirements.
  • Perform Security Site Assessments at manufacturing plants, warehouses, laboratories, and office locations to evaluate physical security, cybersecurity controls, network infrastructure, operational technology (OT) environments, and compliance with corporate security standards.

Qualifications

  • 5+ years of experience in IT, cybersecurity, audit, risk management, or related discipline.
  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Business, or related field preferred.
  • Working knowledge of security frameworks such as NIST CSF, NIST 800-53, ISO 27001, and SOC frameworks.
  • Experience supporting regulatory compliance programs such as SOX, PCI DSS, GDPR, or similar is a plus.
  • Experience performing Third-Party Risk Assessments / Vendor Security Reviews is strongly preferred.
  • Understanding of common security domains including IAM, network security, endpoint security, vulnerability management, logging/monitoring, and incident response.
  • Familiarity with cloud security concepts for Azure, AWS, or Google Cloud is a plus.
  • Experience using governance, risk, and compliance (GRC) tools such as AuditBoard, Archer, ServiceNow, OneTrust, or similar is preferred.
  • Relevant certifications such as Security+, CISA, CRISC, CISSP, ISO 27001 Lead Implementer/Auditor are a plus.

About us:

PPG: WE PROTECT AND BEAUTIFY THE WORLD

Through leadership in innovation, sustainability and color, PPG helps customers in the industrial, transportation, consumer products and construction markets, as well as the aftermarket, to enhance more surfaces in more ways than any other company. For more information, visit www.ppg.com and follow @PPG on X.

The PPG Way 2030

We are our customers' advocates

Proactive. Bold. Reliable. Everything we do starts with our customers. We listen, act quickly, and do not stop until we have solved their biggest challenges. When our customers succeed, we all grow.

We act with purpose and speed

Agile. Data-driven. Empowered. We take smart risks to stay ahead of the competition. We work proactively and with agility, using high-quality data as the basis for developing solutions that create value.

We are first-class operators

Productive. Collaborative. Accountable. Regardless of role, we identify problems, take ownership, and always deliver solutions. We are both proactive and responsive in order to drive continuous improvement and achieve results. We support our frontline employees, who are PPG's face to our customers.

We compete to win

Forward-looking. Driven. Ambitious. We are passionate about growing our business and creating success together with our customers. We deliver results, embrace new technology, and use agility and speed as our strengths.

We are proud of PPG

Strong. United. Passionate. We work safely, act with integrity, and value our diverse perspectives. We celebrate successes and are proud of the positive impact we create together to protect and beautify the world.

At PPG, we use AI in the recruitment process to make the process more efficient. AI tools do not make hiring decisions. You can learn more by visiting https://careers.ppg.com/se/sv/candidate-resources.

PPG offers equal opportunities to all candidates and employees. We offer an opportunity to grow and develop your career in an environment that provides a meaningful workplace for employees, creates an environment of continuous learning, and embraces the ideas and diversity of others. All qualified applicants will be considered for employment regardless of sex, pregnancy, race, color, creed, religion, national origin, age, disability, marital status, veteran status, sexual orientation, gender identity or expression.

If you need an accommodation due to a disability, send an email to recruiting@ppg.com.

PPG's pay ranges and benefits may vary by location, which allows us to offer competitive compensation to employees in different geographic markets. PPG considers several factors when making compensation decisions, including but not limited to skills, experience and training, qualifications and education level, licenses and certifications, and other organizational needs. Other incentives may also apply.

Our employee benefits programs are designed to support the health and well-being of our employees. Any insurance coverage and benefits will follow the terms of the applicable plans and associated governing plan documents. The benefits will be discussed with you by your recruiter during the hiring process.

PPG values your feedback on our recruitment process. We encourage you to visit Glassdoor.com and leave feedback about the process.
