Manager, Cybersecurity Governance, Security - Grapevine, TX, USA

Applicants must live within the Dallas/Ft. Worth metropolitan area. Applicants must be authorized to work for any employer in the U.S. ·   · We are unable to sponsor or take over sponsorship of an employment Visa at this time. ·   · This position requires some weekly in-office/o ...

Job description

Applicants must live within the Dallas/Ft. Worth metropolitan area. Applicants must be authorized to work for any employer in the U.S.
 
We are unable to sponsor or take over sponsorship of an employment Visa at this time.
 
This position requires some weekly in-office/onsite.  (Grapevine, TX) 
 

JOB OVERVIEW

As the Security and Privacy Manager, you will provide strategic leadership in advancing Kubota's North American privacy and governance, risk, and compliance (GRC) initiatives.

You will oversee the design, implementation, and optimization of security and privacy frameworks, technologies, and processes across the enterprise.
 

This role requires deep technical expertise, strong leadership, and the ability to translate complex regulatory and security requirements into scalable, business-friendly solutions.

You will manage a team of privacy engineers and GRC specialists, foster cross-functional collaboration, and champion a culture of compliance and security excellence.

 

Additionally, you will ensure high-quality service delivery by anticipating organizational needs, resolving issues with urgency and professionalism, and driving continuous improvement in Kubota's risk posture.

 

QUALIFICATIONS
Bachelor's degree in information security, Privacy Engineering, Computer Science, or related field preferred:

With degree: 8+ years of relevant experience, including 3+ years in a leadership role.
In lieu of degree: 12+ years of relevant experience.

Deep knowledge of U.S. and international privacy and cybersecurity regulations.
Proven experience leading security, privacy, and GRC programs and managing technical teams.
Expertise in privacy management platforms (e.g., OneTrust), GRC tools, vulnerability management, and cloud environments.
Strong leadership, communication, and strategic planning skills.


KEY RESPONSIBILITIES
This position does the following in accordance with all applicable Federal, State and local laws / regulations and the Company's policies, procedures and guidelines:
Program Leadership & Strategy

Define and execute Kubota's enterprise security and privacy strategy, ensuring alignment with global regulations and corporate objectives.
Lead and manage Privacy Engineering and GRC teams, including hiring, mentoring, and performance development.
Serve as the primary escalation point for security and privacy compliance inquiries and strategic initiatives.
Develop, implement, and manage security and privacy policies, standards, and procedures across the organization.
Champion enterprise-wide adoption of privacy-by-design and security-by-design principles.

Regulatory & Framework Expertise

Interpret and operationalize complex privacy and cybersecurity regulations (GDPR, CPRA, CDPA, NYDFS, FISMA, PCI DSS, SOX) across business units.
Ensure compliance with frameworks such as NIST Cybersecurity Framework, NIST Privacy Framework, ISO/IEC 27001, and ISO/IEC 27701.
Monitor regulatory changes and proactively assess organizational impact.

Technology & Tooling

Direct the configuration, integration, and optimization of privacy and GRC platforms (e.g., OneTrust, ZenGRC, Workiva).
Oversee enterprise solutions for consent management, vulnerability tracking, and automated compliance workflows.
Collaborate with IT and Security teams to embed privacy and GRC tooling into cloud and on-prem environments.

Third-Party Risk & Vendor Management

Establish and manage third-party risk programs, including privacy and cybersecurity assessments, contract reviews, and compliance monitoring.
Develop vendor risk scoring models and dashboards for executive reporting.
Partner with Legal and Procurement to enforce privacy and security clauses in vendor engagements.

Vulnerability Management

Oversee vulnerability management processes across privacy and cybersecurity systems.
Collaborate with the affiliates to ensure timely identification, prioritization, and remediation of vulnerabilities.
Implement continuous monitoring and reporting of vulnerability status to leadership.

Cybersecurity GRC

Integrate cybersecurity risk management into Kubota's business processes.
Develop and maintain risk registers, control libraries, and compliance dashboards for security and privacy.
Partner with Internal Audit and Kubota Japan to ensure alignment with corporate governance standards.
Provide executive-level reporting for affiliate security manages of cybersecurity risks, mitigation strategies, and compliance posture.

Security Awareness Program

Develop, implement, and manage Kubota's Security Awareness Program to educate employees on cybersecurity best practices.
Create engaging training content and campaigns to reduce human risk factors (e.g., phishing, social engineering).
Measure program effectiveness through metrics, reporting, and continuous improvement initiatives.
Collaborate with HR and Communications to ensure cultural alignment.

Training & Advocacy

Design and deliver advanced security and privacy training for technical and non-technical audiences.
Promote awareness through strategic communication and organizational engagement.
Act as a thought leader and advocate for security and privacy across Kubota's North American operations.

Other Responsibilities

Provide executive-level reporting on security and privacy metrics, risks, and progress of remediation.
Support enterprise compliance and risk management initiatives as assigned.


PHYSICAL REQUIREMENTS

Requires sufficient personal mobility and physical reflexes, to permit the employee to function in a general office environment and accomplish tasks and duties as outlined above.

 

DISCLAIMER:

The information provided in the description has been designed to indicate the general nature and level of work performed by incumbents within the classification.  This description is not intended to be a comprehensive inventory of all duties, responsibilities, qualifications and working conditions required of employees assigned to this job/classification.  This job is intended to include the current essential functions of the job.  Management reserves the right to add or modify the duties and responsibilities and to designate other functions as essential at any time.

 
#SJNonWarehouse