Own and mature exception management processes, documenting control intensity adjustments based on validated compensating controls, risk context, and business justification. * Collaborate with Cyber ...
Director II, Cybersecurity: Cyber Defense & Security Analytics
Indianapolis, IN · Hybrid
$106.10K - $143.40K/yr
Cyber Defense & Security Analytics Location: This role requires the associate to be in-office 3 ... risk posture, and aligns threat management vision and operational plans; protects against current ...
Director II, Cybersecurity: Cyber Defense & Security Analytics
Indianapolis, IN · On-site
$106.10K - $143.40K/yr
Cyber Defense & Security Analytics Location: This role requires the associate to be in-office 3 ... risk posture, and aligns threat management vision and operational plans; protects against current ...
Director II, Cybersecurity: Cyber Defense & Security Analytics
Indianapolis, IN · Hybrid
$106.10K - $143.30K/yr
Cyber Defense & Security Analytics Location: This role requires the associate to be in-office 3 ... risk posture, and aligns threat management vision and operational plans; protects against current ...
AI governance, data privacy, security risk management, compliance and controls, AI product risk ... Prior experience in cyber or enterprise security contexts (data security, identity, audit logging ...
Cyber Full-Stack Technical Architect/Manager
$63.25 - $76.50/hr
Contribute to project planning, estimation, capacity planning, and risk management across delivery ... Deloitte's Cyber Engineering is a new team that is spearheading the buildout of Cybersecurity ...
As part of the Risk Management Department, this individual will blend technical expertise, business ... cyber, and business interruption insurance. * A confident self-starter who can work with minimal ...
Lead enterprise risk management activities, including cyber risk identification, assessment, mitigation, and reporting to executive leadership. Own the enterprise cyber security policy lifecycle-from ...
Cyber Digital Identity and Access Management SailPoint Sr Consultant Our Deloitte Cyber team ... Demonstrate advanced understanding of business processes, internal control risk management, IT ...
Cyber Operational Technology/ Industrial Control Systems (OT/ICS) Senior Consultant
Indianapolis, IN · Remote
Risk Assessment & Vulnerability Management * Perform consequence-based risk assessments for OT environments, utilizing methodologies such as Cyber Process Hazards Analysis (Cyber PHA) to identify ...
Program Manager III
Indianapolis, IN · On-site
... cyber capabilities. The successful candidate will ensure program performance, compliance with ... Develop and maintain program management plans, risk registers, and performance metrics. Coordinate ...
Cybersecurity Service Provider (CSSP) Operations Team Lead with Security Clearance
$97.30K - $131.50K/yr
Lead, coordinate, and manage the 24/7 cyber operations team responsible for monitoring, detection ... Lead operational planning, milestone development, risk assessments, and major technical decisions.
Cybersecurity Service Provider (CSSP) Operations Team Lead
$106.10K - $143.40K/yr
Lead, coordinate, and manage the 24/7 cyber operations team responsible for monitoring, detection ... Lead operational planning, milestone development, risk assessments, and major technical decisions.
Cybersecurity Service Provider (CSSP) Operations Team Lead
Indianapolis, IN · On-site
$106.10K - $143.40K/yr
Lead, coordinate, and manage the 24/7 cyber operations team responsible for monitoring, detection ... Lead operational planning, milestone development, risk assessments, and major technical decisions.
... proper risk management across the corporate landscape. * Also responsible for monitoring, detecting, analyzing, mitigating, and responding to cyber threats against IT assets, networks, and ...
Experience partnering with product managers, designers, and business stakeholders to translate ... Experience contributing to project planning, estimation, or risk tracking. * Experience mentoring ...
Cyber Risk Manager information
| Salary range | Share of jobs |
|---|---|
| $49K - $59.3K | 4% |
| $59.3K - $69.5K | 6% |
| $69.5K - $79.8K | 11% |
| $79.8K - $90K | 11% |
| $90K - $100.3K | 23% |
| $100.3K - $110.5K | 13% |
| $110.5K - $120.8K | 12% |
| $120.8K - $131K | 8% |
| $131K - $141.3K | 6% |
| $141.3K - $151.5K | 4% |
| $151.5K - $161.8K | 2% |

$83.6K is the 25th percentile. Wages below this are outliers.
The median wage is $98.2K / yr.
$117.3K is the 75th percentile. Wages above this are outliers.
Chart axis labels: $49K, $106.2K, $161.8K.
What is the difference between Cyber Risk Manager vs Cybersecurity Analyst?
| Aspect | Cyber Risk Manager | Cybersecurity Analyst |
|---|---|---|
| Certifications | CRISC, CISSP, CISM | CompTIA Security+, CISSP, CEH |
| Work Environment | Risk assessment, policy development, strategic planning | Monitoring security systems, incident response, vulnerability testing |
| Employer & Industry Usage | Financial, healthcare, large enterprises | IT departments, security firms, corporate environments |
The Cyber Risk Manager focuses on identifying, assessing, and mitigating organizational cyber risks through strategic planning and policy development. In contrast, the Cybersecurity Analyst primarily monitors security systems, responds to incidents, and tests vulnerabilities. Both roles require certifications like CISSP, but their daily tasks and focus areas differ significantly, with the manager taking a broader, strategic approach and the analyst handling operational security tasks.
Full-time
Posted 6 days ago
Eli Lilly and Company rating: 8.8, based on 62 frontline employees who took The Breakroom Quiz. 11th of 70 rated pharmaceutical
Job description
Lilly is seeking a Senior Director of Global Cyber Compliance to lead the transformation of our compliance function into a high-performing, AI-enabled, risk-responsive program that measurably reduces regulatory risk across Lilly's global technology environment. You will lead the strategy and execution across a complex, multi-framework regulatory landscape (including FDA 21 CFR Part 11, GxP, NIS2, ISO 27001, SOC 2, HIPAA, CCPA, PIPL/CSL/DSL, and emerging AI governance requirements) while ensuring every compliance decision is anchored to Lilly's threat-based cyber program.
You will bring the technical credibility to challenge the status quo, the platform acumen to automate compliance at scale through LogicGate Risk Cloud and AI-augmented workflows, and the operational leadership to build and develop a global compliance team.
Four converging forces demand compliance leadership in global pharma:
- Regulatory acceleration - NIS2, FDA cybersecurity guidance for digital health and manufacturing, the CCPA Cybersecurity Audit Rule, the DoJ Data Rule, Chinese regulations (PIPL/CSL/DSL), and emerging AI governance mandates are creating a multi-jurisdictional compliance surface that legacy, manual processes cannot scale to address.
- Threat landscape maturity - Pharma IP, clinical trial data, OT/manufacturing systems, and drug supply chains are high-value adversary targets. Compliance not anchored to threats creates false assurance and misallocates resources.
- AI and automation imperative - Manual evidence collection, spreadsheet-based control tracking, and static policy inventories are operationally unsustainable. The next-generation compliance function requires AI-augmented workflows, automated control testing, and intelligent risk quantification delivered through a modern GRC platform.
- Global scale and complexity - Lilly's operating footprint spans EU, US, and APAC regulatory regimes simultaneously. A single-jurisdiction compliance approach is insufficient; this role requires a strong leader who can orchestrate compliance across manufacturing, research, and commercial technology environments at global scale.
What You Will Be Doing:
Global Compliance Strategy & Program Ownership
- Define and lead the global cyber compliance program, establishing a clear approach that transitions the function from reactionary audits and inspections toward continuous, risk-responsive, program-aligned assurance.
- Set the vision and drive execution for AI, automation and GRC platform capabilities to accelerate compliance delivery, reduce manual overhead, and improve compliance outcomes.
- Own and evolve Lilly's multi-framework compliance program spanning FDA 21 CFR Part 11, GxP, ISO 27001, SOC 2, NIS2, HIPAA, CCPA, PIPL/CSL/DSL, and emerging AI/ML governance requirements across global manufacturing, research, and commercial technology environments.
- Develop scope definitions for security controls and regulatory requirements that reduce task-driven overhead through technical innovation including AI and automation.
Regulatory Engagement & Inspection Readiness
- Maintain a current-state, executive-ready view of how Lilly's cyber control environment satisfies each applicable regulatory framework, clearly mapping satisfied obligations and characterizing gaps with relevant regulatory risk analysis.
- Drive effort to create and sustain inspection-ready documentation, evidence packages, and response protocols enabling confident engagement with authorities, ISO auditors, and other regulators globally with minimal lead time.
- Develop deep working knowledge of how relevant regulatory bodies operate (their inspection methodologies, documentation expectations, finding classification frameworks, and how cyber evidence is evaluated) so preparation is proactive rather than reactive.
- Translate regulatory gap analysis into prioritized, risk-ranked remediation roadmaps that leadership can act on, with clear articulation of residual risk where full remediation is not immediately feasible.
- Serve as Lilly's primary internal and external subject-matter authority on cyber regulatory interpretation, informing program teams, platform owners, and business leaders on how new initiatives or technology changes affect compliance posture.
GRC Platform & AI-Enabled Compliance
- Serve as the service owner for the LogicGate Risk Cloud compliance module, driving object hierarchy design, workflow automation, integration architecture, and adoption.
- Champion and deliver AI-augmented compliance capabilities including policy intelligence, automated evidence collection, and natural language advisory tooling that enables teams to self-serve compliance guidance at speed.
- Define the target state for compliance automation: continuous control testing, automated regulatory change monitoring, and real-time risk dashboards replacing manual audit cycles.
Process Optimization & Data Operations
- Design and implement lightweight, scalable compliance processes that eliminate bottlenecks and drive operational efficiency across security and compliance functions.
- Build data pipelines that consolidate compliance, security, and operational metrics from diverse sources into actionable, executive-ready reporting.
- Develop predictive analytics capabilities that forecast compliance risk, resource requirements, and audit readiness posture.
- Implement data governance frameworks ensuring compliance data quality, consistency, and accessibility across global security operations.
Cybersecurity Control Optimization
- Apply knowledge of Lilly's cyber control environment and established frameworks to validate that control design satisfies applicable regulatory requirements.
- Own and mature exception management processes, documenting control intensity adjustments based on validated compensating controls, risk context, and business justification.
- Collaborate with Cyber service areas including Programs, Platforms, Operations, and M&A Cyber Integration to embed compliance into security operations rather than treating it as a parallel track.
Communication & Strategic Influence
- Define and own outcome-based measures of regulatory effectiveness, operational efficiency, and program maturity, replacing activity metrics with measures that demonstrate business value.
- Communicate compliance posture, regulatory trends, and program effectiveness to executive cyber leadership in clear, concise language.
- Represent Lilly Cybersecurity's compliance function in cross-functional forums and external regulatory interactions, building trust and credibility with partners across Legal, Quality, Finance, and the business.
Team Leadership & Organizational Development
- Define team structure, roles, and operating model to support delivery across multiple concurrent regulatory frameworks and geographies.
- Drive cross-functional alignment with Legal, Quality, Privacy, Internal Audit, and Regulatory Affairs, ensuring compliance activities are integrated, non-duplicative, and defensible under regulatory and third-party scrutiny.
How You Will Succeed:
- Lead the view - you maintain a clear, current-state map of which regulatory obligations are satisfied by existing controls and where gaps require attention, so leadership is never surprised by an audit finding or regulatory inquiry.
- Lead through transformation - you move the compliance function from reactive and manual to proactive, automated, and data-driven, with measurable gains in efficiency and regulatory quality.
- Establish the team - you hire, develop, and retain compliance talent who grow their regulatory expertise, earn partner trust, and deliver outcomes beyond their individual scope.
- Drive platform adoption - LogicGate Risk Cloud becomes the system of record for compliance, with teams self-serving compliance data and manual processes deprecated.
- Lead with data - you replace activity-based reporting with outcome-based indicators that demonstrate regulatory effectiveness and operational efficiency in business terms.
- Instill trust across the enterprise - Legal, Quality, Audit, and business collaborators see Cyber Compliance as a strategic partner that enables speed, not a gatekeeping function that creates friction.
- Stay ahead globally - NIS2, FDA cyber guidance, AI governance, DoJ Bulk Data Rule, PIPL/CSL/DSL, and other emerging requirements are anticipated and addressed proactively before they become reactive remediation efforts.
Your Basic Qualifications:
- Bachelor's degree in Information Security, Computer Science, Risk Management, Operations Research, or related field
- 12+ years of dynamic experience in cybersecurity compliance, risk management, GRC, or data operations roles within complex, global technology environments.
- Experience designing and operating multi-framework compliance programs that prioritize controls based on risk rather than static regulatory checklists.
- Hands-on experience implementing or operating a modern GRC platform (LogicGate, ServiceNow GRC, Archer) at enterprise scale.
- Experience in highly regulated, multinational environments with demonstrated regulatory engagement, inspection support, and audit management success (FDA, EMA, ISO, NIS2, or equivalent).
- Qualified applicants must be authorized to work in the United States on a full-time basis. Lilly will not provide support for or sponsor work authorization or visas for this role, including but not limited to F-1 CPT, F-1 OPT, F-1 STEM OPT, J-1, H-1B, TN, O-1, E-3, H-1B1, or L-1.
Certifications (Required or Expected Within 12 Months)
- One or more certifications required or to be obtained within 12 months of hire: CISSP, CISA, CRISC, CISM, or equivalent advanced cybersecurity certification.
What You Should Bring/ Preferred Qualifications:
- Advanced degree (MBA, MS) in a relevant field preferred.
- Working knowledge of how FDA, EMA, NIS2 competent authorities, and ISO certification bodies conduct cybersecurity-related inspections, including documentation expectations, finding classification, and evidence evaluation criteria
- Demonstrated track record redefining a compliance function from reactive and manual to proactive, AI-augmented, and platform-enabled, with measurable efficiency and quality improvements
- Experience performing structured regulatory gap analysis: mapping existing control environments to regulatory requirements, quantifying residual risk, and communicating findings to executive audiences
- Experience operating in multinational pharma, medtech, or life sciences environments across EU, US, and APAC regulatory regimes concurrently
- Familiarity with GxP computer system validation (CSV), 21 CFR Part 11 electronic records/signatures, and audit trail requirements in pharmaceutical or life sciences technology contexts
- Track record of building and presenting executive-ready compliance risk dashboards and reporting
- Knowledge of cybersecurity frameworks and their application to control design and regulatory mapping
- Experience with M&A cybersecurity due diligence and integrating compliance programs across acquired entities at global scale
- Experience with AI/ML governance frameworks and AI risk management (NIST AI RMF, EU AI Act implications for pharma)
- Shown ability to build, develop, and retain high-performing compliance teams, including coaching members through their first regulatory engagement or audit cycle
- Proficiency with GRC automation, workflow configuration, and compliance-as-code concepts; experience with LogicGate Risk Cloud a strong plus
- Advanced proficiency in data analytics tools (Python, R, SQL, Tableau, Power BI) and experience building automated reporting pipelines
- Understanding of OT/ICS security (NIST 800-82, IEC 62443) in pharmaceutical manufacturing or critical infrastructure contexts
- Experience with workflow automation platforms and data pipeline technologies in a compliance or security operations context
- Familiarity with third-party risk management, vendor security assessment programs, and supply chain compliance considerations
- Familiarity with AI self-service advisory tooling or cybersecurity chatbot capabilities in a compliance context
Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form (https://careers.lilly.com/us/en/workplace-accommodation) for further assistance. Please note this is for individuals to request an accommodation as part of the application process and any other correspondence will not receive a response.
Lilly is proud to be an EEO Employer and does not discriminate on the basis of age, race, color, religion, gender identity, sex, gender expression, sexual orientation, genetic information, ancestry, national origin, protected veteran status, disability, or any other legally protected status.
Our employee resource groups (ERGs) offer strong support networks for their members and are open to all employees. Our current groups include: Africa, Middle East, Central Asia Network, Black Employees at Lilly, Chinese Culture Network, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinx at Lilly (OLA), PRIDE (LGBTQ+ Allies), Veterans Leadership Network (VLN), Women's Initiative for Leading at Lilly (WILL), enAble (for people with disabilities). Learn more about all of our groups.
Actual compensation will depend on a candidate's education, experience, skills, and geographic location. The anticipated wage for this position is $157,500 - $231,000
Full-time equivalent em...
About Eli Lilly
Sourced by ZipRecruiter
Eli Lilly, based in Indianapolis, IN, US, is one of the pioneers in the pharmaceutical industry with a rich history dating back to 1876. This global pharmaceutical company focuses on discovering, developing, manufacturing and selling pharmaceutical products in approximately 120 countries. The company's product categories include endocrinology, oncology, cardiovascular, neuroscience, and immunology. Having invested over $9 billion in research and development in the past decade, Eli Lilly is also committed to creating high-quality medicines that meet real needs. As a recipient of several awards and recognitions, Eli Lilly is known for its focus on life-saving research and drug development. Their mission is to make medicines that help people live longer, healthier, and more active lives.
Industry: Pharmaceutical product wholesalers
Company size: 10,000+ Employees
Headquarters location: Indianapolis, IN, US
Year founded: 1876