IT Compliance & Product Security Analyst

Woodward is committed to creating a great workplace for all team members. Our company and its members are committed to acting with integrity, being respectful and accountable to one another, and staying humble and driven, while maintaining the highest professional and ethical standards.

We are steadfastly committed to attracting the best talent across our communities creating a rewarding workplace. Together we are fulfilling our purpose to design and deliver energy control solutions our partners count on to power a clean future.

Woodward supports our members' wellbeing and regularly benchmarks with other companies in our industry to offer an extensive Total Reward package for this position. Salary will be determined by the applicant's education, experience, knowledge, skills, and abilities, as well as internal equity and alignment with market data.

Estimated annual base pay: $95,000(minimum) - $123,000(midpoint) - $152,000(maximum)

All Levels are eligible for the benefits below:

• All members included in annual cash bonus opportunity.
• 401(k) match (4.5%)
• Annual Woodward stock contribution (5%)
• Tuition reimbursement and Training/Professional Development opportunities for all members
• 12 paid holidays, including floating holidays.
• Industry leading medical, dental, and vision Insurance upon date of hire
• Vacation / Sick Time / Vacation Buy-up / Short Term Disability / Bereavement leave.
• Paid parental leave.
• Adoption Assistance
• Employee Assistance Program, including mental health benefits.
• Member Life & AD&D / Long Term Disability / Member Optional Life
• Member referral bonus
• Spouse / Child Optional Life / Optional AD&D / Healthcare and Dependent Care Flexible Spending
• Voluntary benefits, including:
  • Home / Auto Insurance discounts
  • Whole Life Insurance / Critical Illness Insurance / Legal Assistance / Military Leave

Key Responsibilities:

• Creates and updates IT compliance and product security policies to align with regulations and best practices. Leads Review Board for open-source compliance.
• Tracks and analyzes changes in relevant laws and regulations to ensure compliance. Identifies product roadmap and regulatory challenges.
• Performs audits of IT systems and processes to ensure adherence to relevant regulations and internal policies. Leads segment quality or customer audits.
• Advise segments on cyber-physical security development, incorporating customer specifications, threat analysis, regulatory requirements, and lifecycle activities.
• Develops cases for process and tool improvements using vulnerability, incident, and secure development metrics; oversees incident response teams.

Key Skills:

• Regulatory Expertise: In-depth understanding of IT compliance regulations (NIST, CMMC, SOX, ISO, GDPR, CRA, PART-IS) and segment industry standards such as IEC 62443, ISO 21434 and DO-326A. Understands the standards development lifecycle
• Risk Assessment: Expert in evaluating compliance and supply chain security risks, implementing mitigations, and conducting Failure Mode Effects Analysis and advanced cyber-physical assessments.
• Audit Management: In-depth skill in planning, executing, and managing internal and external IT compliance and product security audits to ensure adherence to standards and customer expectation.
• Policy Development: Expertise in analyzing current policy, identifying contemporary language changes, working with legal and other stakeholders to write effective policies to drive a secure environment in line with business objectives
• Data Analysis: Expertise in analyzing complex data sets to monitor compliance status and detect potential issues or anomalies.
• Communication: Detailed understanding and ability to convey complex compliance and product security information clearly and concisely to diverse stakeholders and build consensus.
• Problem Solving: Adept at resolving complex product security and compliance challenges by applying analytical thinking and innovative solutions. Ability to look outside and pull in non-traditional information sources.
• Technical Knowledge: Strong understanding of IT infrastructure, security controls, and systems to assess compliance effectively. Expertise in cyber-physical protocols, hardware component security topics, and platform risk mitigation.
• Documentation: Expertise in maintaining accurate compliance and product security records, preparing detailed reports, and presenting findings to relevant parties.
• Cross Functional Collaboration: Ability to work seamlessly with various teams to ensure compliance and secure product development objectives are achieved.

Application window is anticipated to close 7 days from original posting date.

This information is provided in compliance with the Colorado Equal Pay for Equal Work Act and is the company's good faith and reasonable estimate of the compensation range and benefits offered for this position. The compensation offered to the successful applicant may vary based on factors including experience, skills, education, location, and other job-related reasons.

This position requires use of information which is subject to the International Traffic in Arms Regulations (ITAR) and/or the Export Administration Regulations (EAR). All applicants must be U.S. Persons within the meaning of the ITAR and EAR, or eligible to obtain all required authorizations from the U.S. Department of State and/or the U.S. Department of Commerce. The ITAR defines a U.S. Person as a U.S. citizen or national, lawful permanent resident (i.e., 'Green Card holder'), or a protected person (e.g., asylee, or refugee).

Woodward is an equal opportunity employer and does not discriminate in hiring or employment on the basis of race, color, religion, sex (including sexual orientation and gender identity), national origin, age, disability, protected veteran status, or any other category protected under federal, state, or local laws.

#LI-Hybrid