Information Security Manager

Date: Sep 13, 2022

Location: Nashville, TN, US, 37228

Company: A. O. Smith Corporation

Company / Location Information

We are one of the leading manufacturers of water heating and water treatment technologies in the world. We are a $3.5 billion company with a 140+ year history, and we employ more than 12,000 individuals globally who pride themselves on providing the world with innovative water technology. We are committed to Continuous Improvement, not just in our factories or processes, but in our people.


A. O. Smith is committed to continuous improvement and maintaining a culture that values and respects our employees. Recognized by The Tennessean as one of the top Nashville area Workplaces, we have programs in place to help our team members achieve their potential. When you join our team, you will receive rewards and recognition for your contributions, training and professional development opportunities, as well as a variety of benefits to support you and your family's health, well-being, and financial future. If you are inspired to learn, take risks, and succeed as a team, you can build an amazing career at A. O. Smith.


This role is based in our modern Nashville Metro Center office, located just minutes from downtown with easy interstate access and free parking.

Primary Function

As a Cybersecurity Risk Management Lead, you will work with all levels of leadership within IT and other business areas (e.g., supply chain, procurement, and legal) to assess and monitor A. O. Smith's third-party cybersecurity risk and to track mitigations. To ensure success in this position, you should possess extensive working knowledge of cybersecurity risk management processes, tools, dependencies, and integrations. Our ideal candidate thrives in collaborative team environments, has strong leadership skills, is comfortable interacting with staff who have varying degrees of technical knowledge, has strong problem-solving skills with a drive to understand how things work, and isn’t afraid to ask questions.



  • Manage Information Security Governance, Risk & Compliance functions to implement our security policies, standards and controls at a global level.
  • Own and drive Governance, Risk, & Compliance for the global enterprise.
  • Manage and coordinate information security assessments with third-party partners.
  • Act as subject matter expert for Information Security in support of the global Privacy initiatives.
  • Monitor and review regulatory updates and issues relative to pertinent security regulatory requirements (such as GDPR, PCI or SOX) and escalate findings appropriately.
  • Lead and manage GRC-related projects.
  • Represent the cyber security function in multiple forums.
  • Report directly to the Director of Information Security.
  • Develop and manage cybersecurity policy, risk, and overall security best practices.
  • Other duties may be assigned as needed.


  • Bachelor's degree in IT management or another related discipline
  • 7+ years related work experience or training
  • 2+ years supervisory/leadership experience
  • Working knowledge of Governance, Risk, & Compliance platforms
  • Working knowledge of Information Security Policy
  • Strong organizational skills and attention to detail
  • Excellent written and verbal communication skills
  • Ability to deal tactfully and diplomatically with others
  • Flexibility to handle multiple priorities, sometimes simultaneously, under deadline pressure
  • CISSP certification, or appropriate SANS certifications

We Offer

Competitive compensation package and comprehensive benefits plans which include medical and dental insurance, company-sponsored life insurance, retirement security savings plan, short- and long-term disability programs and tuition assistance.

Nearest Major Market: Nashville
