Head of Cybersecurity Compliance

Role:

Department:

Reports To:

Location:

Role Overview

The Head of Cybersecurity Compliance (Global) will lead the design, implementation, and governance of cybersecurity compliance programs across all global manufacturing sites, R&D centers, and corporate offices. This role ensures adherence to international regulations, industry standards, and internal security policies, covering both IT and OT environments critical to EMS & Semiconductor manufacturing. The position requires strategic leadership, global regulatory expertise, and strong collaboration with regional teams.

Key responsibilities

Global Compliance Leadership

1. Develop and maintain a global cybersecurity compliance framework aligned with ISO 27001, NIST CSF, IEC 62443 (for OT), GDPR, AIMS ISO42001 and other international regulations.
2. Ensure compliance with export control regulations (ITAR, EAR) and semiconductor-specific security standards, including SEMI E187/E188/E191 and SEMI cybersecurity guidelines.
3. Integrate AI governance and compliance aligned with ISO/IEC 42001 (AI Management System) for AI-driven manufacturing processes.
4. Oversee multi-region audits, certifications, and regulatory assessments across all sites

Cybersecurity Governance

1. Establish and lead a global cybersecurity governance model, ensuring alignment with corporate risk management and compliance objectives.
2. Define governance structures, roles, and responsibilities for cybersecurity across regions.
3. Drive board-level reporting on compliance posture, risk metrics, and governance effectiveness.

Risk, Policy & Audit Management

1. Conduct global risk assessments for IT and OT systems, including fab operations and supply chain.
2. Define risk tolerance levels and ensure mitigation strategies are implemented across regions.
3. Develop and enforce global cybersecurity policies, ensuring localization for regional compliance.
4. Lead internal and external cybersecurity audits, ensuring timely remediation of findings.

Training & Awareness

1. Drive security awareness programs across diverse geographies and cultures.
2. Ensure governance and compliance training for leadership and operational teams globally.

Operational Oversight

1. Collaborate with regional manufacturing and engineering teams to secure production systems and critical infrastructure.
2. Ensure secure design principles in semiconductor fabrication and R&D processes.
3. Oversee incident response and business continuity planning from a compliance perspective globally.

Stakeholder & Regulatory Engagement

1. Act as the primary liaison with global regulators, auditors, and certification bodies.
2. Partner with legal, procurement, and vendor management teams to ensure third-party compliance globally.

Qualifications & Experience

• Bachelor’s or Master’s in Engineering, Cybersecurity, or related field.
• 12+ years in cybersecurity, with 5+ years in a global leadership role focused on compliance and governance.
• Experience in semiconductor or high-tech manufacturing environments is highly desirable.
• Proven experience with SEMI standards (e.g., SEMI E187), ISO/IEC 42001 (AI governance), and cybersecurity audits.
• Certifications: CISSP, CISM, CISA, CCISO; ISO 27001 Lead Auditor preferred.

Essential Attributes:

• Deep understanding of IT and OT security frameworks.
• Expertise in global regulatory compliance, governance, and risk management.
• Strong cross-cultural communication and leadership skills
• Knowledge of semiconductor manufacturing processes and MES systems.
• Worked in EMS/Semicon industry will be of added importance

Key Competencies

• Strategic global mindset with ability to navigate complex regulatory landscapes.
• Proven ability to manage compliance programs across multiple geographies.
• Strong leadership and influence without authority in a matrixed organization