IT Risk Program Lead

LineageNovi, MI
289d
Match Resume

About The Position

The IT Risk and Compliance Program Manager is charged with leading in the identification, assessment, measurement, monitoring, and reporting of IT risk through Lineage Logistics' technology risk and cyber security program. This role's primary function will involve supporting the company's information technology general controls (ITGC) program. In addition, this role may be called on to support corporate operations and technology compliance audits, vendor / partner risk assessments, M&A due diligence or support customer assurance efforts as needs, and interests require. This role will also support security awareness and education efforts delivered to company employees and relevant parties. The ideal candidate will understand current IT compliance frameworks, technologies, and processes while being continuously on the lookout for innovative and flexible ways to automate processes that support a fast-paced, secure, and empowered environment.

Requirements

  • Practical experience with policy and regulatory mandates such as SOX 404, COBIT, SOC1/SOC2, CSA-CCM, ISO27001/27002/27031, GDPR, CCPA, PCI-DSS and NIST Risk Management Framework and associated standards such as NIST sp800-34, sp800-53, sp800-171/2, FedRAMP, etc.
  • Fundamental technical understanding of key technologies such as Windows, Linux, and Mac, networks, application development, databases, virtualization, and cloud infrastructures.
  • 5-7 years relevant experience, or a BA or BS / MA or MS degree in Computer Science/Engineering, Math, Information Security, Information Systems, Information Assurance, Information Security Management, Intelligence Studies, Data Science, or Cyber Security.

Nice To Haves

  • Experience supporting a IT compliance program for a publicly traded company.
  • Project management experience in scoping, work break-down, critical path analysis, resourcing, managing time estimates, project risks, and quality.
  • Ability to think strategically about risks and tie those risks to tactical organizational activities.
  • Professional certifications such as: Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Control (CRISC).

Responsibilities

  • Documenting technology processes and identifying critical technology controls.
  • Assisting with internal and external audits and assessments including control assessment, monitoring, and reporting including collection and organization of evidence.
  • Conducting third party controls evaluation to determine risk.
  • Working with various internal teams or external parties to define and prioritize remediation efforts, tracking remediation activities, and inspecting/validating solutions that have been implemented.
  • Responding to customer and partner questions regarding GRC topics.
  • Performing other duties within the scope of governance, risk, and compliance as needed.

Benefits

  • Safe, stable, reliable work environments.
  • Medical, dental, and basic life and disability insurance benefits.
  • 401k retirement plan.
  • Paid time off.
  • Annual bonus eligibility.
  • A minimum of 7 holidays throughout the calendar year.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Industry

Repair and Maintenance

Education Level

Bachelor's degree

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service