Job SummaryWe are seeking a Cybersecurity Analyst III to play a critical role in specialized Mergers, Acquisitions and Divestitures protecting our global manufacturing operations during complex corporate transactions.
You will support cybersecurity due diligence, risk assessment, integration planning, and divestiture separation activities across the full IT expansion lifecycle. This position ensures that cybersecurity risks are identified early, governance frameworks are aligned, and post-transaction cyber resilience is maintained in a high-stakes industrial environment where Information Technology (IT), operational technology (OT), and supply chain security are paramount.
Key ResponsibilitiesPre-Deal Due Diligence & Assessment
- Support cybersecurity during due diligence for potential acquisitions, joint ventures, and divestitures, including comprehensive reviews of target companies' security posture, policies, controls, and incident history.
- Conduct gap analyses against industry standards (NIST, ISO 27001, CIS Controls) and our internal cybersecurity governance framework.
- Identify red-flag risks that could impact integration timelines, or regulatory compliance.
Governance & Integration Planning
- Develop and execute cybersecurity integration playbooks and divestiture separation plans tailored to manufacturing operations.
- Design and implement post-transaction cybersecurity governance structures, including policy harmonization, risk register updates, and control framework alignment.
- Collaborate with legal, compliance, IT, OT, and business teams to embed cybersecurity requirements and integrations.
- Define and track cybersecurity-related key performance indicators (KPIs) and milestones throughout the IT Expansion lifecycle.
Risk Mitigation & Remediation
- Assess and quantify cyber risks (technical, operational, reputational) and recommend risk treatment strategies and mitigation roadmaps.
- Coordinate with integration partners to ensure timely remediation of critical findings.
- Support carve-out activities for divestitures, ensuring secure data segregation, system isolation, and transition service agreements (TSAs).
Stakeholder Collaboration & Reporting
- Post closing serves as the primary cybersecurity advisor to the M&A deal team, Cybersecurity leadership and risk committees through to target integration level.
- Prepare executive-level risk summaries, dashboards, and board presentations on transaction-related cyber risks.
Continuous Improvement
- Contribute to the evolution of the company's M&A Cybersecurity Playbook and governance standards.
- Stay current with emerging threats, regulatory developments (e.g., SEC cybersecurity rules, NIS2, CFIUS implications), and best practices in industrial cybersecurity.
- Conduct lessons-learned reviews after each transaction to refine processes.
Qualifications & ExperienceRequired
- Bachelor's degree in Cybersecurity, Information Systems, Computer Science, Engineering, or related field (Masters or relevant certifications preferred).
- 2+ years of progressive experience in cybersecurity, with at least 1 year focused on M&A due diligence, integration, or divestitures.
- Strong understanding of cybersecurity governance, risk management frameworks, and regulatory requirements.
- Risk assessment and/or IT Audit Experience
Preferred Certifications
CISSP, CISM, CRISC, CISA, or GIAC
Key Skills & Competencies
- Exceptional analytical and risk assessment skills with the ability to translate technical findings into business impact.
- Strong project management abilities.
- Excellent written and verbal communication skills
- Ability to thrive in fast-paced, ambiguous environments with tight deadlines.
- High integrity and discretion in handling sensitive M&A information.
- Willingness to travel (5%) domestically and internationally.