Are you looking to power the next leap in the exciting world of advanced electronics Do you want to help solve problems that drive success in the rapidly evolving technology and connectivity landscape Then bring your problem-solving, passion, and creativity to help us power the next leap in electronics.
At
Qnity, we're more than a global leader in materials and solutions for advanced electronics and high-tech industries – we're a tight-knit team that is motivated by new possibilities, and always up for a challenge. All our dedicated teams contribute to making cutting-edge technology possible. We value forward-thinking challengers, boundary-pushers, and diverse perspectives across all our departments, because we know we play a critical role in the world enabling faster progress for all. Learn how you can start or jumpstart your career with us.
Risk Specialist – Digital Technology (DT) Risk & Compliance Job Description
Role Description
The Risk Specialist – Digital Technology (DT) Risk & Compliance supports Qnity's enterprise risk management program from an Information Technology perspective. This role is responsible for leading the Third-Party Cyber Risk Management (TPRM) program, managing customer cybersecurity assurance activities, maintaining internal control documentation, and enabling a unified controls framework to ensure consistent, scalable, and audit-ready compliance across regulatory and customer requirements.
The position partners cross-functionally with cybersecurity, IT, procurement, internal controls, and business stakeholders to proactively identify, assess, and mitigate risks while strengthening Qnity's overall security and compliance posture.
Key Responsibilities
Establish Risk Management Program
- Define and implement a Digital Technology Risk Management program
- Enable execution of enterprise risk management initiatives from a digital technology and cybersecurity standpoint
- Identify, assess, and monitor technology-related risks across systems, infrastructure, and business processes
- Support development of risk reporting, dashboards, and leadership communications
- Partner with stakeholders to drive effective risk mitigation and remediation initiatives
Third-Party Cyber Risk Management (TPRM)
- Lead the end-to-end execution of the Third-Party Cyber Risk Assessment program
- Conduct inherent and residual risk assessments for vendors based on risk tiering and business criticality
- Manage vendor due diligence activities, including questionnaire reviews and risk evaluations
- Monitor remediation actions, risk acceptance, and escalate high-risk vendors as needed
- Drive continuous improvement of TPRM processes, workflows, and supporting tools
Customer Cybersecurity Assurance
- Manage and respond to customer cybersecurity surveys, questionnaires, and audit requests
- Coordinate with internal stakeholders to gather, validate, and consolidate evidence
- Ensure responses are consistent with internal controls, policies, and regulatory requirements
- Improve efficiency through reusable content and standardized response approaches
Unified Controls Framework (UCF)
- Support development and maintenance of a Unified Controls Framework across regulatory requirements (e.g., SOX, CMMC, NIST, ISO)
- Map and rationalize controls across frameworks to reduce duplication
- Ensure consistency in control definitions, ownership, and evidence standards
- Enable scalable compliance through integrated control management
- Maintain and update Internal Controls Manual, including narratives, process flows, and control matrices
Reporting & Continuous Improvement
- Develop risk and compliance dashboards, metrics, and reporting
- Identify process improvement opportunities across IT risk and compliance workflows
- Support adoption of GRC tools and automation
- Promote a culture of accountability and risk awareness across stakeholders.
Skill Requirements
- Strong understanding of IT risk management, cybersecurity, and compliance frameworks (e.g., SOX ITGC, NIST, ISO 27001)
- Experience with third-party risk assessments and vendor due diligence
- Strong analytical and problem-solving skills
- Excellent communication and stakeholder management abilities
- Strong documentation and reporting skills
- Ability to manage multiple priorities in a dynamic environment.
KEY COMPETENCIES
- Communicating with Impact – Articulates risk, issues, and recommendations clearly and effectively
- Analysis and Judgment – Applies risk-based thinking to identify issues and propose appropriate solutions
- Collaboration & Influence – Works effectively across cross-functional teams
- Attention to Detail – Ensures high-quality, audit-ready documentation and outputs
- Continuous Improvement – Drives process enhancements and efficiency.
Education And Experience
- Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or related field
- 7–10 years of experience in IT Risk, Cybersecurity, Compliance, or TPRM roles
- Familiarity with frameworks such as SOX, NIST CSF, ISO 27001, COBIT
- Experience with GRC tools (e.g., OneTrust, Optro, ServiceNow) is preferred
- Relevant certifications (e.g., CISA, CRISC, ISO 27001) are an advantage
Join our Talent Community to stay connected with us!
Qnity is an equal opportunity employer. Qualified applicants will be considered without regard to race, color, religion, creed, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability or any other protected class. If you need a reasonable accommodation to search or apply for a position, please visit our Accessibility Page for Contact Information.
Qnity offers a comprehensive pay and benefits package. To learn more visit the Compensation and Benefits page.
We use Artificial Intelligence (AI) to enhance our recruitment process. 
