ABOUT US:

NewMarket Corporation, headquartered in Richmond, Virginia, is the parent company of Afton Chemical Corporation (Afton), Ethyl Corporation (Ethyl), and American Pacific Corporation (AMPAC).  The Afton and Ethyl companies develop, manufacture, blend, and deliver chemical additives that enhance the performance of petroleum products.  Afton is a leading manufacturer and marketer of performance enhancing fuel and lubricant additives with operations around the world.  AMPAC, with operations in the U.S., is a manufacturer of specialty materials primarily used in solid rocket motors for the aerospace and defense industries.

JOB SUMMARY:   

The IT Compliance Specialist supports the organization’s information security and compliance programs by ensuring adherence to corporate policies, industry standards, and regulatory requirements. This role focuses on security compliance management, third-party risk evaluation, and cybersecurity awareness. The specialist administers phishing simulations, facilitates training initiatives, coordinates vendor security assessments, and contributes to continuous improvement of the organization’s cybersecurity governance framework.

• Security Compliance and Governance
  • Support the development, implementation, and maintenance of IT security policies, procedures, and standards in alignment with frameworks such as TISAX, NIST CSF, ISO 27001, and SOC 2.
  • Conduct periodic compliance reviews and audits to ensure controls are effective and documented.
  • Assist in preparing evidence and reports for internal and external audits.
  • Monitor regulatory changes and emerging compliance requirements to ensure organizational readiness.
    
    
• Third-Party and Vendor Risk Management
  • Manage and execute the third-party security risk assessment process for new and existing vendors.
  • Evaluate vendor security documentation (SOC 2 reports, ISO certifications, questionnaires, etc.) and coordinate follow-ups on remediation actions.
  • Collaborate with procurement, legal, and IT teams to ensure vendor relationships meet corporate security and compliance standards.
  • Maintain a centralized inventory of third-party vendors and associated risk levels.
    
    
• Cybersecurity Awareness and Phishing Simulation
  • Design, deploy, and track phishing simulation campaigns and cybersecurity awareness programs.
  • Analyze campaign metrics to identify high-risk groups and tailor follow-up training.
  • Develop and deliver security education content, ensuring employees understand key security responsibilities.
  • Partner with IT and Business to promote a culture of security awareness globally.
    
    
• Audit Support and Risk Reporting
  • Assist in the coordination of internal and external IT audits, ensuring timely collection of evidence and accurate documentation.
  • Support risk assessments and contribute to reporting on compliance posture and risk metrics.
  • Maintain detailed records of audit findings, remediation efforts, and compliance exceptions.
    
    
• Continuous Improvement and Collaboration
  • Collaborate with cybersecurity and IT operations teams to align technical controls with compliance requirements.
  • Recommend and implement improvements to compliance processes, awareness programs, and vendor governance workflows.
  • Serve as a liaison between the Security, IT, Legal, and Procurement functions to ensure consistent application of security and compliance standards.

EDUCATION & EXPERIENCE MINIMUMS:

• Experience in information security, compliance, or IT audit, preferably in a global enterprise environment.
• Proven ability to manage phishing simulations, security awareness training, or compliance programs.
• Bachelor’s degree in Information Technology, Cybersecurity, or a related field.
• Familiarity with vendor risk management practices and compliance frameworks (e.g., NIST, ISO 27001, SOC 2, GDPR).
  
  

EDUCATION & EXPERIENCE PREFERRED:

• Industry-recognized certifications such as CISA, CRISC, CISM, or Security+.
• Experience working with third-party risk platforms, GRC tools, or security awareness solutions (e.g., KnowBe4, Proofpoint, or similar).
• Background in audit support, regulatory compliance, or IT governance.

Due to the nature of our work with ITAR-controlled items, this position requires access to technical data and hardware subject to the International Traffic in Arms Regulations (ITAR). All applicants must be a "U.S. person" within the meaning of ITAR, which includes U.S. citizens, lawful permanent residents (Green Card holders), and protected individuals (including refugees and asylees).

For NewMarket or Afton employees, an appropriate combination of experiences that will support the required skill base may replace one or more of the specific experience requirements above.

SKILLS/ABILITIES:

• Strong understanding of IT and cybersecurity compliance principles.
• Familiarity with third-party risk management frameworks and vendor due diligence practices.
• Experience with phishing simulation tools and cybersecurity awareness platforms.
• Excellent analytical, documentation, and communication skills.
• Ability to interpret and apply policies, standards, and regulatory requirements across multiple regions.
• Detail-oriented with strong organizational skills and the ability to manage multiple projects simultaneously.
• Collaborative mindset with the ability to work across IT, security, legal, and business teams.
• Self-driven and adaptable, capable of managing priorities in a fast-paced environment.

Working at NewMarket

Who We Are - We're a diverse, global family of individuals, who share a passion for developing innovative solutions. We build our professional relationships on respect, integrity and a commitment to safety and quality. Just as these values apply to our professional relationships, they also apply to the way we feel about our neighbors and communities.

Our Work - At NewMarket, our innovative R&D programs lead to global growth. Our lubricant and fuel additives are among the most highly developed and widely used in the petroleum industry. Afton is a recognized and trusted supplier of driveline lubricant additives, engine oil additives, fuel additives and industrial lubricant additives.

Benefits / Compensation - We offer competitive compensation and benefit packages that reflect our commitment to our employees. Our employees are our most treasured asset and we have dedicated resources that allow us to reward our employees for their commitment on an ongoing basis - ensuring our compensation packages are competitive in the industry.

An Equal Employment Opportunity/Affirmative Action Employer.  All qualified applicants will receive consideration for employment without regard to the individual’s race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), political affiliation, military service, or other non-merit based factors.