IT/OT GRC Program Manager jobs in United States

FuelCell Energy · 20 hours ago

IT/OT GRC Program Manager

FuelCell Energy is a global leader in decarbonizing power and producing hydrogen through proprietary fuel cell technology. They are seeking a strategic and hands-on IT/OT Governance, Risk, and Compliance (GRC) Manager to define, enforce, and validate security standards across their IT, OT, and Product environments in a highly regulated industry.

Energy · Manufacturing · Renewable Energy · Fuel
H1B Sponsor Likely

Responsibilities

Product Security Governance (Build + Operate): Partner with product and engineering teams to embed “secure-by-design” requirements into the product lifecycle, so our delivered systems are positioned to comply with governing regulatory requirements
Strategic Framework Leadership (IT + OT): Lead the execution of the CIP, NIST (IT), IEC 62443 (OT) programs by establishing clear ownership and accountability for compliance targets. Actively assess organizational capabilities and recommend necessary staffing, training, or resource adjustments for program success to leadership
Develop & Validate Security Baselines: Formulate and govern the technical security standards for the enterprise. Responsible for the full lifecycle of compliance, from defining control requirements to assuring alignment via onsite inspection and independent verification
Drive Corrective Action Management: Own the centralized tracking of all audit findings, risk acceptances, and remediation plans (CAPA). Enforce strict timelines for remediation with system owners and escalate issues to leadership
Operationalize Compliance: Bridge the gap between policy and practice by translating regulatory requirements into executable operational procedures, working directly with engineers to configure, implement, and validate controls
Assure Audit Defense & Readiness: Serve as the primary lead for all internal and external audits. Maintain a continuous state of audit readiness by personally curating evidence repositories and validating artifact quality
Execute Internal Assurance Testing: Conduct hands-on "mock audits" and control self-assessments across all sites. Proactively identify and close non-compliance gaps to mitigate the material risk of a cyber event
Manage Third-Party Risk (TPRM): Execute the technical vetting of IT/OT suppliers. Directly review vendor security posture and enforce remediation of identified risks or formal risk acceptance prior to contract execution
Risk Visibility & Reporting: Translate technical compliance data into business-risk reporting. Provide the Director and CIO with accurate, validated metrics on risk burn-down and compliance posture backed by data
Administer GRC Software & Automation: Manage the configuration and maintenance of GRC platforms, services, and workflows to automate evidence collection, minimizing manual reporting overhead for technical teams
Manage Security Awareness & Training: Develop and deliver role-based security training content (e.g., lockout/tagout digital safety, password hygiene) to ensure engineering and operations teams understand their specific compliance obligations
Proactive Enterprise Risk Management: Lead ongoing risk identification, assessment, and prioritization across IT and OT environments, including threat modeling, maintenance of a centralized risk register, and integration of threat intelligence; conduct periodic comprehensive risk assessments to inform mitigation strategies and resource allocation
OT Asset Management & Architecture Governance: Oversee or partner with engineering teams to maintain an accurate OT asset inventory, define network zones and conduits per IEC 62443 requirements, and govern segmentation/architecture decisions to ensure foundational security controls are in place for effective risk management and compliance
Incident Response Integration & Lessons Learned: Collaborate with Security Operations and Incident Response teams to incorporate incident findings, root cause analyses, and lessons learned into the GRC program; ensure compliance-related reporting obligations are met and drive control enhancements or policy updates based on incident trends

Qualification

IT/OT governance · Risk management · Compliance frameworks · Audit readiness · ISACA CISA/CISM/CRISC · IEC/ISA 62443 training · Program management · Stakeholder management · Conflict resolution · Cross-functional collaboration

Required

Bachelor's degree in IT, Cybersecurity, Engineering, or related field (or equivalent experience)
+ ISACA CISA / CISM / CRISC
+ ISC2 CGRC (or equivalent GRC credential)
+ IEC/ISA 62443-focused training/certificates
Experience building policies/standards, control frameworks, and audit evidence packages
Experience working cross-functionally with IT, OT/Engineering, Operations, Legal/Compliance, and vendors
7+ years in governance, risk, compliance, audit, or IT/OT controls in highly regulated environments
IT/OT governance program design and execution (standards, procedures, controls, RACI/RASIC)
Risk management and control mapping (IEC 62443/NIST CSF alignment; understanding of OT constraints)
Change governance and control conformance across sites (managing exceptions, deviations, and validating compensating controls)
Strong stakeholder management, facilitation, and conflict resolution (ownership clarity, accountability)
Audit readiness and evidence management (ITGC/ITAC-style controls, SOX discipline, documentation rigor)
Program management: milestones, reporting, KPI tracking, continuous improvement

Benefits

Medical
Dental
Vision
Company-paid life/disability insurance
401(k) plan
Employee stock purchase plan
Generous paid leave

Company

FuelCell Energy

FuelCell Energy is an integrated fuel cell company that designs, manufactures, installs, services, and operates

H1B Sponsorship

FuelCell Energy has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship (highlighted field represents job fields similar to this job)]
Trends of Total Sponsorships
2025: 6
2024: 6
2023: 8
2022: 3
2021: 1

Funding

Current Stage
Public Company
Total Funding
$468.77M
Key Investors
Export-Import Bank of the United States, Natural Resources Canada, Clean Resource Innovation Network
2025-12-01 · Post IPO Debt · $25M
2024-08-21 · Grant · $4.34M
2024-04-29 · Post IPO Debt · $13M

Leadership Team

Michael Bishop
Executive Vice President, Chief Financial Officer & Treasurer
Amanda Schreiber
Executive Vice President, General Counsel and Corporate Secretary
Company data provided by crunchbase