Compliance Manager

Expedia•Austin, TX

59d•Remote

About The Position

Expedia Group brands power global travel for everyone, everywhere. We design cutting-edge tech to make travel smoother and more memorable, and we create groundbreaking solutions for our partners. Our diverse, vibrant, and welcoming community is essential in driving our success. Why Join Us? To shape the future of travel, people must come first. Guided by our Values and Leadership Agreements, we foster an open culture where everyone belongs, differences are celebrated and know that when one of us wins, we all win. We provide a full benefits package, including exciting travel perks, generous time-off, parental leave, a flexible work model (with some pretty cool offices), and career development resources, all to fuel our employees' passion for travel and ensure a rewarding career journey. We’re building a more open world. Join us. Compliance Manager In this role, you will: Plan, direct, or coordinate activities of an organization to ensure compliance with ethical or regulatory standards. Support and advise business partners with SOX audit findings, internal operational/compliance audits, and internal/external risk assessments. Support SOX control deficiency assessments and remediation efforts by working directly with control owners to perform impact analysis and control design/operation remediation. Collaborate with internal IT and business stakeholders to identify financial and regulatory risks and develop mitigating control procedures for future state processes and system implementations. Support control environment improvements efforts by identifying opportunities for control efficiencies, process automation, and control consolidation. Track and effectively communicate project and responsibility status with controllership and stakeholder teams. Prepare executive presentation materials. Lead and perform business and technology process risk assessments for top priority areas. Drive compliance excellence for Expedia Group including compliance with company’s policies, external regulations, and established risk management processes. May telecommute.

Requirements

IT General Controls such as Logical Access, Change Management, IT Operations, or Program Development/SDLC
Data governance including frameworks, policies, third-party data risks, and data security and protection
Data privacy compliance including GDPR, CCPA, HIPAA, and other regulations
Developing full project plans, defining timeframe, and prioritizing tasks to achieve project milestones and deliver intended objectives across multiple projects
Enterprise Risk Management frameworks such as ISO 31000 or COSO
Control frameworks such as COBIT or NIST
Understanding of U.S. PCAOB standards and control deficiency evaluation frameworks
Understanding of laws and regulations such as SOX, GDPR, HIPAA, FCPA, PCI-DSS
Understanding of electronic workpapers or GRC and Audit Management systems
Understanding of IAA framework and IT control framework
Risk management principles
Remediation plan development and risk mitigation strategies
Proficiency in tools like Confluence, SharePoint, or One Drive for document management and collaboration

Responsibilities

Plan, direct, or coordinate activities of an organization to ensure compliance with ethical or regulatory standards.
Support and advise business partners with SOX audit findings, internal operational/compliance audits, and internal/external risk assessments.
Support SOX control deficiency assessments and remediation efforts by working directly with control owners to perform impact analysis and control design/operation remediation.
Collaborate with internal IT and business stakeholders to identify financial and regulatory risks and develop mitigating control procedures for future state processes and system implementations.
Support control environment improvements efforts by identifying opportunities for control efficiencies, process automation, and control consolidation.
Track and effectively communicate project and responsibility status with controllership and stakeholder teams.
Prepare executive presentation materials.
Lead and perform business and technology process risk assessments for top priority areas.
Drive compliance excellence for Expedia Group including compliance with company’s policies, external regulations, and established risk management processes.