We are seeking a skilled and motivated professional to join our organization as a combined TISAX Administrator and GRC Administrator, with a focus on leveraging the OneTrust platform for integrated risk and compliance management. The successful candidate will be responsible for managing and maintaining TISAX (Trusted Information Security Assessment Exchange) compliance, as well as managing and supporting the organization’s Governance, Risk, and Compliance (GRC) program using the OneTrust platform, ensuring that all regulatory, security, and privacy requirements are met.

Key Responsibilities

• TISAX Administration:

• Oversee the implementation and maintenance of TISAX compliance across the organization.
• Coordinate internal and external TISAX assessments, audits, and certification processes.
• Develop, update, and manage policies, procedures, and documentation related to information security and TISAX standards.
• Monitor changes in TISAX requirements and ensure timely updates to organizational practices.
• Provide training and awareness programs for staff regarding TISAX and information security best practices.
• Act as the main point of contact for TISAX-related inquiries from customers, partners, and auditors.
• Collaborate with IT, legal, and business departments to ensure cross-functional compliance efforts.
• Maintain records of assessments, findings, corrective actions, and ongoing compliance status.
• Report regularly to management on TISAX compliance status, risks, and improvement opportunities.

GRC Administration (OneTrust Platform):

• OneTrust Platform Administration: Configure, maintain, and optimize OneTrust modules to support GRC activities, including policy management, risk assessments, compliance tracking, and reporting.
• Policy and Procedure Management: Support the creation, review, dissemination, and tracking of policies and procedures within OneTrust, ensuring proper version control and stakeholder notification.
• Risk Management: Facilitate risk identification, assessment, mitigation, and monitoring processes using OneTrust’s risk management tools. Maintain risk registers and generate regular risk reports for leadership.
• Compliance Monitoring: Track regulatory and internal compliance requirements, monitor compliance status, and assist with audit preparation and evidence collection within OneTrust.
• Incident and Issue Management: Support the logging, investigation, and resolution of incidents and issues in OneTrust, ensuring timely follow-up and proper documentation.
• User Support and Training: Provide guidance and training to end users on OneTrust functionalities, best practices, and GRC processes. Serve as the primary point of contact for OneTrust-related inquiries.
• Reporting and Analytics: Generate dashboards and reports in OneTrust to provide insights into GRC metrics, trends, and program effectiveness for management and stakeholders.

Collaboration and Continuous Improvement:

• Work closely with IT, Security, Legal, and Business teams to ensure integrated risk and compliance management.
• Stay up-to-date on industry best practices, regulatory changes, and OneTrust platform enhancements.
• Identify opportunities for process improvements and automation within the GRC and TISAX domains.

Qualifications

• Bachelor’s degree in Information Security, Computer Science, Risk Management, or a related field (or equivalent experience).
• Strong understanding of TISAX, ISO/IEC 27001, or other relevant information security standards.
• Experience with compliance management, audits, or certification processes in the automotive or manufacturing sector is preferred.
• Experience with GRC frameworks (e.g., ISO 27001, NIST, TISAX, SOX) preferred.
• 1+ years of hands-on experience administering OneTrust or similar GRC platforms.
• Strong analytical and problem-solving skills.
• Excellent organizational and communication abilities.
• Ability to interpret regulatory requirements and translate them into practical procedures.
• Proficiency with documentation and record-keeping tools.
• Ability to work independently and in cross-functional teams.
• Attention to detail and a commitment to maintaining confidentiality.

Preferred Skills

• OneTrust certification or formal training.
• Experience with data privacy, third-party risk management, and incident response.
• Knowledge of regulatory compliance requirements relevant to the automotive and manufacturing industries.
• Proficiency in report generation and data analysis.

Preferred Certifications

• TISAX Practitioner or related certification.
• ISO/IEC 27001 Lead Implementer or Auditor.
• Certified Information Systems Security Professional (CISSP) or similar.

Who We Are:  

Bonnell Aluminum is North America’s premier manufacturer of custom aluminum extrusions. We manufacture mill finish, anodized, painted and thermally broken aluminum extrusions. Our press size ranges from 1,550 to 5,500-tons.

We produce large diameter extrusions requiring high-quality surface finish up to 16 inches in circle size.  Fabricators and distributors use our extruded profiles in various applications: curtain walls, storefronts, light to heavy commercial and institutional windows, walkway covers, interior architectural products, photovoltaic panels, solar collectors, heat sinks for L.E.D. lighting, shower enclosures, hurricane protection products, automotive, light trucks, recreational vehicles, and industrial machinery.

We are headquartered in Newnan, Georgia. We have manufacturing operations in Newnan, Georgia; Carthage, Tennessee; Niles, Michigan; Clearfield, Utah; and Elkhart, Indiana.