EATON

IT Program Manager - Cyber Compliance

EATON$130K — $190K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Information Security, Risk Management, IT, Business Administration, or related field
  • 10+ years of experience in program management focusing on cybersecurity compliance
  • Strong knowledge of compliance frameworks: CMMC 2.0, ISO 27001, SOC 2, Cyber Essentials
  • Proven track record of leading multi-workstream programs
  • Excellent communication and stakeholder engagement skills
  • Ability to work independently in a global, matrixed organization
  • Must be a U.S. person for export-controlled information access

Responsibilities

  • Lead delivery of Eaton's Cyber Compliance Transformation Program across various frameworks
  • Translate CISO's compliance strategy into actionable program plans
  • Coordinate framework demands through a unified program intake
  • Drive readiness and execution of CMMC 2.0 compliance assessments
  • Manage readiness cycles for SOC 2, ISO 27001, and Cyber Essentials certifications
  • Advance the Unified Control Framework to enable reusable evidence
  • Ensure continuous control testing and effective stakeholder management

Benefits

  • Comprehensive health and welfare benefits
  • Retirement benefits programs
  • Paid and unpaid time off options
  • Support for various employee welfare programs
Full Job Description
IT Program Manager - Cyber Compliance. The expected annual salary range for this role is $130000 - $190000 a year. This role can sit out of one of the following locations: Beachwood OH, Galesburg MI, Houston TX, Menomonee Falls WI, Moon Township PA, or Raleigh NC.

What you'll do:

Position Overview:
The Program Manager - IT Cyber Compliance orchestrates and delivers Eaton's multi-framework cybersecurity compliance program end to end, translating the CISO's compliance vision into an executable, measurable plan. The role is the driving force behind Eaton's pivot from reactive, event- and audit-driven activity to a continuous, assurance-based compliance capability - treating certifications as a strategic capability rather than a one-time event.

This is a delivery-accountable program management role with deep compliance expertise. The Program Manager runs the full program lifecycle - scope, schedule, budget, risk, dependencies, and outcomes - across concurrent certification and assessment workstreams spanning CMMC 2.0, SOC 2, ISO 27001, Cyber Essentials Plus (CE+). Success is the consistent, predictable achievement and sustainment of compliance assurance that protects revenue, contract eligibility, and customer preference with Eaton's largest customers and regulators.

The role is a key contributor to Eaton's "Test-Once / Apply-Many" evidence model, enabling reusable assurance across multiple regulatory and customer frameworks, directly supporting the Eaton CISO's Strategy.

Key Responsibilities:

Compliance Program Leadership & Delivery
• Own end-to-end delivery of Eaton's Cyber Compliance Transformation Program, meeting defined objectives, timelines, scope, budget, and business outcomes across all in-scope frameworks, control and sites.
• Translate the CISO's compliance strategy into an integrated program plan, roadmap, and roles-and-responsibilities matrix; maintain the program charter as the authoritative governing artifact.
• Operate a single program intake so framework demands are prioritized, sequenced, and paced through one coordinated model rather than competing efforts.

Framework-Specific Compliance Expertise
CMMC 2.0 (critical path): lead Level 2 readiness across in-scope environments - self-assessment, POA&M remediation, CUI protection, C3PAO assessment scheduling and execution - aligned to NIST SP 800-171 and US Department of Defense / Department of War contract requirements.
SOC 2: manage readiness and examination cycles against the Trust Services Criteria, coordinating control evidence and auditor engagement for shared services and customer-facing environments.
ISO 27001: sustain ISMS certification and surveillance/re-assessment cycles across certified sites, including mandatory documentation, internal audits, and external (e.g., BSI) assessments.
Cyber Essentials & CE+: drive certification and vulnerability-remediation readiness required for UK MOD and BAE contractual obligations, coordinating with assessors (e.g., URM / IASME) and site owners.
TISAX & sector regulations: maintain TISAX and adjacent regulatory obligations (e.g., EASA Part-IS for aerospace sites), mapping shared controls to reduce duplicate effort.

Unified Control & Continuous Assurance
• Advance the Unified Control Framework and "Test-Once / Apply-Many" evidence model so a single control set and reusable evidence satisfy many frameworks.
• Shift the program from point-in-time audits to continuous control testing and monitoring, ensuring controls operate effectively and assurance can be demonstrated at any time.
• Partner with Internal Audit to define what "great" looks like, validate control testing models, and reduce exceptions through standardized remediation and tracking.

Stakeholder, Risk, Dependency & Financial Management
• Serve as the face of the program - owning the plan, risks, executive presentations, and escalations - and the senior point of coordination with control owners, regional security leads, IT, legal, and business stakeholders.
• Proactively identify, mitigate, and resolve risks, issues, and cross-framework dependencies to protect delivery timelines, using a CISO-level escalation path where needed.
• Actively manage budgets, forecasts, and resources to optimize delivery efficiency and program value.

Key Responsibilities:

Audit Readiness & Assessment Execution
• Lead assessment-ready posture - compliance preparation playbooks, mock assessments, and standardized audit responses - and sequence concurrent certifications through a roadmap-based plan.
• Oversee the quality, traceability, and reuse of compliance evidence in Eaton's systems of record, and coordinate post-assessment issue tracking and remediation validation.

Governance, Reporting & Program Performance
• Deliver decision-ready visibility into program health through status reporting, OKRs/KPIs/KRIs, leadership presentations, and steering-committee facilitation, with timely minutes, actions, and follow-ups.
• Apply disciplined program governance and methodology to keep multi-workstream delivery on track and decision-making timely.

Innovation, Automation & AI Enablement
• Champion scaling compliance through automation and AI - improving evidence quality and reuse, accelerating customer and regulatory questionnaire responses, and surfacing trends, gaps, and emerging risks.
• Pilot and embed continuous control monitoring and GRC tooling that reduces manual effort while improving predictability and quality, alongside the risk enablement team.

Continuous Improvement & Maturity Advancement
• Advance Eaton's Compliance Maturity Model from Reactive  Proactive  Optimized, applying lessons learned to streamline processes and strengthen integration across risk, controls, and compliance.

Qualifications:

Required Qualifications:
• Bachelor's degree from an accredited institution in Information Security, Risk Management, Information Technology, Business Administration, or a related field (or equivalent experience).
• 10+ years of experience in program/project management, with significant time leading cybersecurity compliance, GRC, audit, or assurance programs.
• Strong working knowledge of cybersecurity compliance frameworks - CMMC 2.0 / NIST SP 800-171, ISO 27001, SOC 2, Cyber Essentials / CE+, and TISAX.
• Proven ability to deliver large, multi-workstream programs end to end - scope, schedule, budget, risk, and dependencies - and meet delivery commitments.
• Strong leadership, analytical, problem-solving, documentation, and stakeholder-management skills.
• Excellent communication and presentation skills, including executive and steering-committee engagement.
• Ability to operate effectively and independently in a global, matrixed organization.
• This position requires access to export-controlled information. To conform to U.S. Government export regulations applicable to that information, applicant must be a U.S. person, defined as a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (green card holder), (iii) refugee under 8 U.S.C. 1157, or (iv) asylee under 8 U.S.C. 1158
• No relocation is offered for this position. All candidates must currently reside within 50 miles of Beachwood, OH: Moon Township, PA: Galesburg MI: Houston TX: Menomonee Falls WI: or Raleigh NC.

Preferred Qualifications:
• Program/project management certification - PMP, PgMP, Scrum Master, or Product Owner.
• Compliance/security certifications - e.g., CMMC Registered Practitioner (RP) / Certified Professional (CCP), CISA, CISM, or ISO 27001 Lead Implementer / Lead Auditor.
• Experience with unified control frameworks and "Test-Once / Apply-Many" assurance models.
• Familiarity with continuous control monitoring, GRC automation platforms, and AI-enabled compliance, audit, or risk tooling.
• Experience partnering closely with Internal Audit and enterprise risk teams.
• Experience in regulated or defense/aerospace environments (e.g., US DoD/DoW, UK MOD, EASA, C3PAO assessments, CUI/ITAR).

Additional Informtion:

Strategic Alignment:
• Achieving and sustaining assurance of compliance across CMMC 2.0, SOC 2, ISO 27001, CE+, and TISAX
• Protecting revenue, contract eligibility, and customer preference
• Reducing evidence duplication and exceptions through unified controls and continuous testing
• Delivering predictable, high-quality, assessment-ready compliance outcomes
• Embedding innovation and AI into compliance operations

Success is measured by readiness, reuse, reduced exceptions, fewer repeat findings, and sustained assurance.

Why This Role Matters at Eaton
The Compliance Program Manager is the execution engine of Eaton's compliance transformation. By bringing disciplined program management to deep, framework-specific expertise, this role turns fragmented, reactive certification efforts into a trusted, optimized, and business-enabling capability - protecting revenue and contract eligibility, strengthening customer and regulator confidence, and ensuring compliance is sustained, evidenced, and resilient at scale.

All positions may require participation in video and in-person interviews as part of the hiring process. All candidates will be evaluated based on job-related competencies, and all candidates' privacy rights and data security will be protected in accordance with applicable laws.

We know that good benefit programs are important to employees and their families. Eaton provides various Health and Welfare benefits as well as Retirement benefits, and several programs that provide for paid and unpaid time away from work. Click here for more detail: Eaton Benefits Overview. Please note that specific programs and options available to an employee may depend on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.

About EATON

Eaton Corporation plc is a multinational power management company with 2020 sales of $17.9 billion, founded in the US. Eaton provides energy-efficient solutions that help customers effectively manage electrical, hydraulic, and mechanical power more efficiently, safely, and sustainably. Eaton operates through three main business segments: Electrical Products, Electrical Systems and Services, and Hydraulics. The Electrical Products segment designs, manufactures, markets, and sells electrical components, such as circuit breakers, switches, and electrical protection and control devices. The Electrical Systems and Services segment offers electrical power distribution and assemblies, as well as engineering services and automation and control solutions. The Hydraulics segment provides products such as pumps, motors, valves, cylinders, and filtration products. Eaton has a global presence with operations in North America, Europe, Asia, and other regions.
Learn more about EATON
Size
85,947 employees
Market Cap
$62.2 billion
Industry
Net Income
$1.4 billion
Founded
2009
5 Year Trend
-0.1%
Revenue
$17.8 billion
NASDAQ

Similar Jobs

More Jobs at EATON

  • EATON
    Application Engineer
    $143K — $210K *
    Houston, TX 77040 (Harris County)
    Energy & Utilities
    In-Person
  • EATON
    Application Engineer
    $143K — $210K *
    Austin, TX 78728 (Travis County)
    Energy & Utilities
    In-Person
  • EATON
    Application Engineer
    $143K — $210K *
    Grapevine, TX 76051 (Tarrant County)
    Energy & Utilities
    In-Person
  • EATON
    Application Engineer
    $143K — $210K *
    San Antonio, TX 78247 (Bexar County)
    Energy & Utilities
    In-Person
  • EATON
    Materials Operations Manager
    $129K — $190K *
    Beltsville, MD 20705 (Prince Georges County)
    Manufacturing & Automotive
    In-Person

More Information Technology Jobs

Find similar IT Program Manager - Cyber Compliance jobs: