IT Compliance Manager

About The Position

Requirements

• Bachelor’s degree from an accredited university or 5 years of experience in governance risk compliance (GRC).
• Articulate with strong business acumen and executive presence.
• Experience leading others and managing IT compliance audits. Inclusive of leading controls walkthroughs, interviewing stakeholders, gathering information, and identifying relevant information for documentation.
• Experience developing and implementing policies and procedures.
• Coachable and willing to learn with positive demeanor.
• Ability to take initiative and drive results.
• Excellent communication, leadership, interpersonal, and project management skills.
• Advanced IT audit skills.
• Ability to multi-task effectively and manage multiple priorities.
• Current on the latest technological advances and best practices within information security space.
• Proficient in Microsoft Office applications.
• Strong knowledge of risk management methodologies.
• Ability to quickly identify and document security policies, procedures and standards with little to no guidance.
• SOX, NIST, ISO 27001, PCI, SOC 2 working experience and/or certification(s).
• CIA, or CISA (Other relevant certifications will be considered).
• Successful completion of the Nlets fingerprinting background assessment.
• Must be locally located and okay working a 3 days in office hybrid model and 2 days remote

Nice To Haves

• Strong technical acumen with (DoD Directive 8140 minimum) certification of CISSP or CompTIA Security+.
• Strong organizational and time management abilities with formal project management experience and/or certification(s).
• Experience in risk management theory and practice.
• Work well under pressure and respond to tight deadlines while exercising sound judgment.
• Ability to work collaboratively with diverse stakeholders.
• Experience working in GRC tools.
• Proficiency in Microsoft Office (i.e., excel xlookup, Power BI report building).
• Demonstrated ability to multi-task, respond to needs quickly and efficiently and prioritize work with a strong attention to detail.
• Self-starter and possess the qualities to work efficiently, effectively, and autonomously
• Experience working in a regulated industry.
• Worked with ERP systems (e.g., Oracle, SAP, NetSuite, Great Plains, etc.).

Responsibilities

• Develop and implement policies, standards, and procedures fostering compliance commensurate with regulatory and customer requirements, as well as third-party frameworks such as NIST, SOX, SOC2, ISO 27001, FedRAMP, and PCI.
• Continually analyze opportunities for process optimization and automation.
• Manage and conduct internal and external audits at planned intervals and on an ad hoc basis which includes the evaluation and validation of the design and operational effectiveness of technical, physical, and administrative controls to help reduce risk in the organization.
• Monitor open audit items from audits to ensure completion of remediation activities defined in the agreed action plans and risk treatment plans.
• Support leadership teams to develop and expand continuous monitoring processes to strengthen confidence in Verra Mobilities compliance program.
• Stay up to date on industry best practices and provide compliance-related subject matter expertise support to the sales, product, and legal organizations.
• Partner with cross-functional stakeholders to support cyber-insurance renewals.
• Develop, implement, and maintain the cybersecurity risk management program for both internal and external (third-party) risk.
• Develop and manage reports, metrics, and scorecards related to risk and compliance activities with an emphasis on continuous improvements.
• Support security leadership in all activities related to risk management.
• Partner with Legal & Sales to respond to requests for proposals, requests for information, and customer contract reviews.
• Participate in Mergers & Acquisition activities.