The IT Compliance Manager will be responsible for the execution of the Compliance program, including analyzing IT processes, risk, and controls; implementing controls to mitigate risk; performing root cause analysis; identifying improvement opportunities; and recommending achievable action plans. This role will also support our audit partners and business customers, including the head of audit. The selected candidate will have a solid understanding of IT systems and will understand the regulatory impact of changes to applications and infrastructure.
What you will do:
- Serve as the main point of contact for the Information Technology (IT) team for all internal and external audit requirements
- Act as the primary liaison between the IT staff and corporate internal and external audit resources (including managing internal and external audit engagements, coordinating audit requests, and managing issue mitigation, remediation, and reporting)
- Manage IT process and controls documentation for SOX compliance (IT risk control matrix, process flowcharts) and support SOX and regulatory requirements for Oracle, OS400, SQL, and other IT systems
- Understand compliance requirements thoroughly and become a trusted Subject Matter Expert (SME) for guiding IT and business leadership with regard to managing technology risk and control needs
- Drive the development of tools, automation, and practices to better support control compliance
- Provide proactive oversight of recurring quarterly, monthly, weekly and daily IT activities supporting compliance needs
- Be responsible for the governance and oversight of managed service providers performing outsourced information security and compliance operational activities
- Own the IT controls, framework mappings and IT GRC tool/process to ensure coverage for various compliance frameworks such as COBIT, ITIL, and NIST
What you will need:
- Bachelor's or technical degree preferred (Computer Science, Information Systems, Business Administration, or other industry-related curriculum); industry-equivalent experience with certifications or specialized training will be considered
- Minimum of 6-9 years of IT auditing/compliance, risk assurance, IT advisory, or internal audit experience
- Broad understanding of all IT areas, including infrastructure, system development life cycle (SDLC), auditing, and internal controls
- Experience using Galvanize (Diligent) advanced analytics and workflow automation (preferred)