IT Compliance Lead

Collaboration drives Nordson's success as a market leader in Industrial Precision Solutions and Advanced Technology. Our employees thrive in an environment where we help each other reach our personal best and enable our company to continuously improve and grow, and our customers to succeed. You will find Nordson employees sharing our success by giving back in the communities around the world where we live and work.

Responsible for leading the development, implementation, and oversight of the organization's IT risk and compliance programs. This role ensures that IT operations and systems align with regulatory requirements, internal policies, and industry best practices. The manager will work closely with IT, security, audit, and business stakeholders to identify risks, implement controls, and maintain a strong compliance posture across the enterprise.

Job Description Section Template

Essential Job Duties and Responsibilities

• Lead IT compliance initiatives related to SOX, GDPR, HIPAA, and other applicable regulations.
• Coordinate internal and external audits, including evidence collection, control testing, and issue remediation.
• Maintain and update IT policies, standards, and procedures to reflect regulatory and operational changes.
• Monitor compliance with internal policies and escalate non-compliance issues as needed.
• Develop and deliver regular reports and dashboards on IT risk and compliance metrics to senior leadership.
• Support governance committees and participate in cross-functional risk and compliance forums.
• Provide guidance and training to IT and business teams on risk and compliance requirements.
• Partner with Security, Legal, Internal Audit, and other stakeholders to ensure a unified approach to risk and compliance.
• Identify opportunities for automation and process improvement in risk and compliance workflows.
• Stay current on emerging risks, regulatory changes, and industry trends.
• Develop and maintain the IT Risk Management framework, including risk identification, assessment, mitigation, and reporting.
• Conduct regular risk assessments and ensure appropriate controls are in place.
• Collaborate with IT and business units to monitor risk exposure and drive remediation efforts.
• Maintain risk registers and ensure alignment with enterprise risk management objectives.

Education and Experience

• Bachelor's degree in Information Systems, Cybersecurity, Business, or a related field.
• 8+ years of experience in IT risk management, compliance, or audit roles.
• Strong knowledge of regulatory frameworks (e.g., SOX, NIST, ISO 27001, COBIT).
• Experience with GRC platforms such as AuditBoard, Pathlock, or SAP GRC.
• Excellent communication, analytical, and project management skills.
• Ability to work independently and collaboratively across departments.

Skills and Abilities

• Professional certifications such as CPA, CISA, CRISC, CISSP..
• Experience with enterprise applications and cloud environments.
• Familiarity with data privacy regulations and third-party risk management.

Travel Required

• Estimated 10%

Nordson Corporation provides equal employment opportunity to all applicants and employees. No person is to be discriminated against in any aspect of the employment relationship due to race, religion, color, sex, age, national origin, ancestry, disability, sexual orientation, gender identity, genetic information, citizenship status, marital status, pregnancy, veteran status or any other status protected by applicable federal, state, or local law. All employment offers are contingent upon successful completion of our pre-employment drug screening and background/criminal check, consistent with applicable laws.Third party recruiters and agencies should not contact employees of Nordson or its subsidiaries directly. Any resumes sent to a hiring manager or submitted to Nordson employees are considered unsolicited and property of Nordson. Nordson will not pay a placement fee unless the agency or recruiter has a signed contract with Nordson's Human Resources department in advance of submitting a candidate for consideration. Verbal and written approvals will not be considered a valid contract for service.