IT Compliance Manager

NXP Semiconductors

1d•Hybrid

About The Position

The IT Compliance Manager is responsible for managing IT Compliance requirements in NXP IT. Key activities include helping to create and maintain NXPs IT General Control environment (ITGC) across all in scope SOX systems and performing various compliance assessments for Information Security, AI and Sustainability (ESG) compliance. This position will help ensuring that all key IT control objectives are in place and operating, help coach control owners on changes that need to be made in the event a control is not operating and designing remediation plans. Candidates must have direct “hands-on” experience in IT (SOX) audits, performing various compliance assessments, and have a sound understanding of IT Compliance requirements is a must. Effective stakeholder communication and coaching is pivotal in this role as well the ability to manage change and apply a mindset of driving activities to closure. This is a cross-functional role, working closely with all IT groups across NXP and other functional (business) teams to ensure controls and compliance requirements are clearly defined and implemented. Candidates must be able speak both technical and business language interchangeably. You will report to the IT Audit & Compliance Director in IT-Information Security. The position is part of the ‘Audit and Compliance’ division in IT-Information Security, a team consisting out of 6 audit/compliance professionals.

Requirements

Bachelor’s degree in Accounting, Business, Law, Information Technology or Computer Science preferred or equivalent experience.
Minimum of 5-7 years’ work experience in IT Risk Management, Information Security Compliance, IT Compliance, SOX compliance and auditing with a strong background in IT controls.
RE, CISA, CISM – certified or equivalent is a pre
A background in auditing SAP and other IT controls along with automated and business process controls.
Technical knowledge of IT landscapes and roadmaps
Strong understanding of Sarbanes-Oxley (SOX), NIS2 and other IT compliance requirements that may impact compliance as well as key reference frameworks such as NIST CSF and NIST SP800/53
Experience with controls automation
Strong conceptual, analytical, problem-solving, troubleshooting and resolution skills.
Mindset of driving activities to closure and taking ownership
Strong coaching and presentation skills

Responsibilities

Proactively advise on IT risks, maintaining the IT control environment, policies and overall framework
Perform compliance assessments on compliance requirements such as NIS2 and using reference frameworks such as NIST SP800/53, NIST CSF and NIST AI framework and identify potential gaps and improvement opportunities and drive the gaps/improvement opportunities to closure
Identify, assess and advise on compliance risks and implementation of IT controls
Design IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls
Drive the creation of remediation solutions and/or exception documentation to closure
Assists application teams with the creation and implementation of IT control objectives/be key point of contact for the global IT teams across all IT domains
Serves as the subject matter expert and point of contact to Internal and External Auditors.
Works with key IT vendors / partners on coverage / quality of SOC1 reports
Works closely with Corporate Controllership department in Finance
Role as subject matter expert in new projects such as implementation of new (SaaS) solutions to ensure compliance objectives are met as part of the project process.