Information Technology Compliance Manager

MSD Careers-posted 2 days ago
$116,600 - $177,800/Yr
Full-time • Mid Level
Rockville, MD
251-500 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

This position is responsible for design, implementation, and ongoing maintenance of the Information Technology (IT) Compliance Program. This includes both internal controls definition, interpretation, and adherence efforts as well as supporting our customer’s information security requirements. The successful candidate will also be responsible for helping keep the compliance program current with all applicable US and international IT regulations and guidelines and advising leadership on IT compliance matters.

  • Lead in the development of IT controls using best practice frameworks.
  • Evaluate the effectiveness and applicability of IT controls
  • Drive the adherence of IT controls and best practices.
  • Keeping current on cyber best practices, strategies, and concepts.
  • Holding technical teams accountable for security and compliance deliverables.
  • Conduct compliance reviews and assessments.
  • Craft reports and dashboards which show the current compliance condition and track relevant goals.
  • Continually evaluate and baseline internal information security practices against nationally and internationally recognized frameworks.
  • Support the Cybersecurity maturity program through tracking milestones and, programs, and initiatives.
  • Work with Quality, Regulatory Affairs, and auditors to provide needed data or materials in the support of audits.
  • Assist in the delivery of Third Party Risk Management (TPRM) attestations to customers
  • Serves as the FedRAMP Program Manager
  • Work with various IT groups to ensure that IT systems adhere to corporate standards
  • Interact with various technology teams to confirm findings and mitigation.
  • Assist in the execution of the Vulnerability Management Program
  • Support IT Risk, Security, and Compliance certifications activities.
  • Bachelor’s degree in a related field
  • Minimum of five years of experience in managing complex IT compliance requirements.
  • Experience with Information Technology and Information Security Concepts
  • Experience in both U.S. and international data protection and privacy regulatory requirements, such as GDPR, CCPA, etc. (strongly preferred)
  • Experience managing a FedRAMP program including developing the support deliverables for reauthorization as well as the monthly continuous monitoring standards and criteria.
  • Experience as an auditor for a complex compliance regime such as ISO 27000, NIST 800-53, NIST 800-171, etc.
  • Experience leading, managing, and mentoring individuals including direct reports, matrixed reports, and project assigned staff.
  • Strong problem solving, decision-making, reporting, communication and management skills.
  • Strong organization, analytical and project management skills.
  • Strong planning, implementation and negotiation skills.
  • Effective interpersonal communication skills.
  • Proficient computer skills, especially Microsoft Office applications.
  • Ability to multi-task and track many simultaneous initiatives.
  • Communication and Technical writing skills.
  • Must work effectively with a team and individually
  • Ability to evaluate regulatory documents and determine appropriate action
  • Strong understanding of risk management concepts and the ability to apply them to a business environment.
  • Familiarity with compliance certification regimes such as SOC 2, ISO 27001, and PCI. (Preferred)
  • Understanding of the compliance inner workings and challenges of Amazon Web Services (AWS (Preferred)
  • Expert level understanding of the following IT Compliance frameworks and regulations and how they apply in the commercial environment; ISO 27000 (27001 and 27017) Nist 800-53 or NIST 800-171 FedRAMP SOC 2 (Preferred) GDPR or CCPA (Preferred) HIPAA or HiTrust (Preferred) 21 CFR Part 11 (Preferred)
  • The following audit or compliance certifications are preferred, but not required; CISA – Certified Information System Auditor CRISC – Certified in Risk and Information Systems Controls SSCP – Systems Security Certified Professional CSA CCSK – Certificate of Cloud Security Knowledge CSA CCAK – Certificate of Cloud Auditing Knowledge
  • At MSD, we offer a comprehensive benefits package to support our employees' well-being and financial security.
  • In addition to competitive salaries, our benefits include medical, dental, and vision coverage, along with prescription benefits.
  • We provide a 401(k) plan with company matching, flexible spending accounts, and company-paid short- and long-term disability insurance as well as group life and accidental death and dismemberment insurance.
  • Our offerings also encompass paid vacation, paid sick leave, paid holidays, and paid parental leave, along with an employee assistance program.
  • Additional voluntary perks include a fitness club membership contribution, pet insurance, identity theft protection, home and auto insurance discounts, and optional supplemental life insurance.
Track Jobs with Teal

Job Search Resources

Resume Builder
Compliance Manager Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service