Lexmark is now a proud part of Xerox, bringing together two trusted names and decades of expertise into a bold and shared vision.
When you join us, you step into a technology ecosystem where your ideas, skills, and ambition can shape what comes next. Whether you’re just starting out or leading at the highest levels, this is a place to grow, stretch, and make real impact—across industries, countries, and careers.
From engineering and product to digital services and customer experience, you’ll help connect data, devices, and people in smarter, faster ways. This is meaningful, connected work—on a global stage, with the backing of a company built for the future, and a robust benefits package designed to support your growth, well-being, and life beyond work.
Responsibilities :
JOB DESCRIPTION
We are seeking a seasoned cybersecurity professional to lead and mature the organization’s Governance, Risk, and Compliance (GRC) program. As GRC Lead, you will be responsible for driving strategic initiatives that strengthen our security posture, ensure regulatory compliance, and align risk management practices with business objectives. This role emphasizes leadership, cross-functional collaboration, and translating complex security requirements into actionable programs.
WHAT YOU WILL BE DOING
Leadership & Strategy
Execute the enterprise GRC strategy aligned with organizational goals and risk appetite.
Partner with senior leadership integrating cybersecurity governance into business planning and decision-making.
Serve as the primary advisor on compliance and risk-related matters, influencing security culture across the organization.
Governance, Risk & Compliance
Develop, maintain, and enforce security policies, standards, and procedures based on frameworks such as NIST CSF, ISO 27001, and CIS Controls.
Lead enterprise-wide risk assessments, identifying and prioritizing cybersecurity risks across systems and processes.
Implement risk mitigation strategies and ensure continuous monitoring and reporting of risk posture.
Oversee internal and external audit readiness and compliance with regulatory requirements (SOC 2, HIPAA, GDPR).
Drive third-party risk management, including vendor assessments and ongoing monitoring.
Promote compliance awareness through training, communication, and engagement programs.
Metrics & Reporting
Establish and maintain dashboards and KPIs to measure compliance, risk reduction, and program effectiveness.
Provide executive-level reporting on GRC initiatives, audit outcomes, and risk trends.
QUALIFICATIONS, SKILLS, EXPERIENCE
Strong knowledge of security frameworks (NIST, ISO, CIS), regulatory requirements, and risk management practices.
Proven experience in audit management, policy development, and third-party risk oversight.
Skilled in preparing reports, dashboards, and documentation for senior stakeholders.
Ability to lead under pressure and influence cross-functional teams.
Desired Certifications:
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or equivalent.
EDUCATIONAL QUALIFICATIONS
Bachelor's degree in computer science, Information Technology, or related field. Master's degree is a plus.
YEARS OF EXPERIENCE IN THIS FIELD
Minimum 5 years in cybersecurity or related field, with at least 3 years in GRC leadership roles.
How to Apply ?
Are you an innovator? Here is your chance to make your mark with a global technology leader. Apply now!
Global Privacy Notice
Lexmark is committed to appropriately protecting and managing any personal information you share with us. Click here to view Lexmark's Privacy Notice.
