IT Compliance Manager

About The Position

Requirements

• Bachelor’s degree in business administration, compliance, information systems, privacy, or a related field; equivalent work or education-related experience will be considered.
• 8+ years of experience in compliance, risk management, audit, or related roles, with a focus on regulatory obligations (e.g., privacy, data protection, operational resilience).
• Demonstrated knowledge of global regulatory frameworks such as GDPR, CCPA, HIPAA, and their application to business processes and IT systems.
• Proven experience in developing and maintaining policies and procedures that support regulatory compliance.
• Strong analytical and problem-solving skills, with the ability to manage multiple projects under strict timelines.
• Excellent written and verbal communication skills, with the ability to convey complex compliance concepts to both technical and non-technical audiences.
• High level of personal integrity and the ability to handle confidential information with professionalism and discretion.
• Ability to work independently and collaboratively across cross-functional teams, including audit, legal, privacy, and operations.

Nice To Haves

• Professional certifications such as Certified Information Privacy Professional (CIPP), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or equivalent are preferred.

Responsibilities

• Develop and maintain governance frameworks that support non-SOX compliance across all relevant business processes, systems, and applications.
• Serve as the process owner for assurance activities related to the completeness, accuracy, and auditability of data and operations subject to non-SOX regulations.
• Provide regular reporting on non-SOX compliance risks, control effectiveness, and remediation status to internal audit, enterprise risk teams, and senior leadership.
• Collaborate with legal, privacy, compliance, and vendor management teams to ensure regulatory requirements are embedded in contracts and third-party engagements.
• Lead the implementation and continuous improvement of controls relevant to non-SOX compliance, including privacy, data protection, operational resilience, and business process controls.
• Conduct risk assessments and facilitate mitigation planning for processes impacting non-SOX regulatory obligations.
• Ensure policies and practices for access, change management, and audit trail integrity meet standards.
• Establish metrics to measure the effectiveness of training and control adherence across the organization.
• Facilitate onboarding of new business units or services into the non-SOX compliance scope, applying standard controls and defining ownership of residual risks.
• Liaise with external auditors and regulatory bodies to maintain a strong compliance posture and stay informed of evolving non-SOX requirements.
• Develop and maintain dashboards to monitor non-SOX control performance, maturity, and risk exposure.
• Maintain inventories for systems and data within non-SOX compliance scope, including cloud services and third-party platforms.

Benefits

• We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.