About The Position

By joining Sedgwick, you'll be part of something truly meaningful. It’s what our 33,000 colleagues do every day for people around the world who are facing the unexpected. We invite you to grow your career with us, experience our caring culture, and enjoy work-life balance. Here, there’s no limit to what you can achieve.

  • Newsweek Recognizes Sedgwick as America’s Greatest Workplaces National Top Companies
  • Certified as a Great Place to Work®
  • Fortune Best Workplaces in Financial Services & Insurance

IT Security Manager

PRIMARY PURPOSE OF THE ROLE

To manage and advance the IT security, risk and audit compliance program including planning, scheduling, coordinating, reviewing and reporting of the work of the department; to supervise, coach and train staff; to develop procedures and audit programs and policies; to represent Sedgwick IT to clients, carriers and external stakeholders, and to assist IT management on projects as needed.

ARE YOU AN IDEAL CANDIDATE?

We are looking for enthusiastic candidates who thrive in a collaborative environment, who are driven to deliver great work, are customer-oriented and are naturally empathetic.

ESSENTIAL RESPONSIBILITIES MAY INCLUDE

  • Performs advanced, specialized and/or managerial IT compliance working in the areas of regulatory compliance, data security and protection, risk assessment and risk mitigation; manages complex audits both internally and externally including third party vendor audits and client-initiated IT audits; performs critical project management duties in the planning, scheduling, coordinating, reviewing and reporting of the work of IT compliance teams; and provides expertise in IT compliance standards and performance criteria, data security requirements and information technology skills.
  • Develops and maintains productive internal and external stakeholder relationships; communicates with company management, clients, carriers, vendors and other stakeholders as needed during IT compliance activities.
  • Directly interacts with clients, carriers and other external stakeholders in critical or sensitive communications regarding IT compliance and security.
  • Responds to client, carrier and legal counsel inquiries regarding IT compliance and security matters.
  • Responsible for teaching, training and coaching staff and for creating appropriate awareness programs within IT and the enterprise.
  • Develops procedures, schedules, priorities and programs for achieving IT compliance objectives and goals.
  • Recommends and executes new policies at department and enterprise level.
  • Prepares audit and compliance reports, analysis and recommendations using advanced writing skills.
  • Assesses risk factors to identify high risk areas within IT.
  • Develops risk remediation plans and manages related projects to completion.
  • Identifies and communicates changes in professional and industry standards, laws, guidelines and audit requirements to department and enterprise personnel.
  • Consults with and advises administrators, management and staff on various operational control issues related to computerized information systems as needed; attends and/or conducts internal and external meetings; and leads recruitment and hiring of IT audit, compliance and security colleagues.
  • Attends, presents and/or participates in continuing professional education classes and training courses.
  • Follows up on audit findings to ensure that management has taken corrective action(s).
  • Assists and trains other audit staff in the use of computerized audit techniques and in developing methods for review and analysis of computerized information systems.
  • Maintains a broad knowledge of state-of-the-art technology, equipment, and/or systems.
  • Conducts or supervises IT operational, compliance, financial and investigative audits as required.
  • Manages IT compliance budget.
  • Recommends and manages commitment of IT budget funds where appropriate for Compliance and Risk management purposes.

ADDITIONAL FUNCTIONS and RESPONSIBILITIES

  • Performs other duties as assigned.
  • Supports the organization's quality program(s).
  • Travels as required.
  • Administers company personnel policies in all areas and follows company staffing standards and training recommendations.
  • Interviews, hires and establishes colleague performance development plans; conducts colleague performance discussions.
  • Provides support, guidance, leadership and motivation to promote maximum performance.

QUALIFICATIONS

  • Bachelor's degree from an accredited college or university required.
  • MBA or relevant Master's degree with a major in accounting or information technology field strongly preferred.
  • At least two of the following credentials required (additional credentials are preferred): Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information System Security Professional (CISSP), or Certified Information Systems Auditor (CISA) designation
  • Ten (10) years of information technology, accounting or closely related industry experience or equivalent combination of education and experience required to include four (4) years project management and/or supervisory experience in a team environment.

Skills & Knowledge

  • Excellent understanding of internal control and data security concepts and their applications
  • Excellent knowledge of IT compliance frameworks (i.e. SSAE 16 and ISO 2700x frameworks at minimum)
  • Excellent knowledge of IT risk management, risk mitigation, data protection and security, and investigation procedures
  • Solid knowledge of Sarbanes-Oxley Act provisions and methodologies for achieving compliance
  • Excellent oral and written communication, including presentation skills
  • PC literate, including Microsoft Office products
  • Creative and analytical approach to problem solving
  • Excellent detail orientation, time management skills and organization skills
  • Excellent interpersonal skills and ability to work with various levels within the organization
  • Ability to maintain confidential information in professional manner
  • Ability to maintain professional demeanor in times of high stress
  • Ability to manage multiple projects and set priorities
  • Ability to work in a team environment and independently
  • Ability to meet or exceed Performance Competencies

Work environment requirements for entry-level opportunities include –

  • Physical: Computer keyboarding
  • Auditory/visual: Hearing, vision and talking
  • Mental: Clear and conceptual thinking ability; excellent judgement and discretion; ability to meet deadlines

The statements contained in this document are intended to describe the general nature and level of work being performed by a colleague assigned to this description. They are not intended to constitute a comprehensive list of functions, duties, or local variances. Sedgwick retains the discretion to add or to change the duties of the position at any time.

Sedgwick is an Equal Opportunity Employer and a Drug-Free Workplace. If you’re excited about this role but your experience doesn’t align perfectly with every qualification in the job description, consider applying for it anyway! Sedgwick is building a diverse, equitable, and inclusive workplace and recognizes that each person possesses a unique combination of skills, knowledge, and experience. You may be just the right candidate for this or other roles.
Sedgwick is the world’s leading risk and claims administration partner, which helps clients thrive by navigating the unexpected. The company’s expertise, combined with the most advanced AI-enabled technology available, sets the standard for solutions in claims administration, loss adjusting, benefits administration, and product recall. With over 33,000 colleagues and 10,000 clients across 80 countries, Sedgwick provides unmatched perspective, caring that counts, and solutions for the rapidly changing and complex risk landscape. For more, see sedgwick.com

Requirements

  • Bachelor's degree from an accredited college or university required.
  • At least two of the following credentials required (additional credentials are preferred): Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information System Security Professional (CISSP), or Certified Information Systems Auditor (CISA) designation
  • Ten (10) years of information technology, accounting or closely related industry experience or equivalent combination of education and experience required to include four (4) years project management and/or supervisory experience in a team environment.
  • Excellent understanding of internal control and data security concepts and their applications
  • Excellent knowledge of IT compliance frameworks (i.e. SSAE 16 and ISO 2700x frameworks at minimum)
  • Excellent knowledge of IT risk management, risk mitigation, data protection and security, and investigation procedures
  • Solid knowledge of Sarbanes-Oxley Act provisions and methodologies for achieving compliance
  • Excellent oral and written communication, including presentation skills
  • PC literate, including Microsoft Office products
  • Creative and analytical approach to problem solving
  • Excellent detail orientation, time management skills and organization skills
  • Excellent interpersonal skills and ability to work with various levels within the organization
  • Ability to maintain confidential information in professional manner
  • Ability to maintain professional demeanor in times of high stress
  • Ability to manage multiple projects and set priorities
  • Ability to work in a team environment and independently
  • Ability to meet or exceed Performance Competencies
  • Physical: Computer keyboarding
  • Auditory/visual: Hearing, vision and talking
  • Mental: Clear and conceptual thinking ability; excellent judgement and discretion; ability to meet deadlines

Nice To Haves

  • MBA or relevant Master's degree with a major in accounting or information technology field strongly preferred.
  • Additional credentials are preferred.

Responsibilities

  • Performs advanced, specialized and/or managerial IT compliance working in the areas of regulatory compliance, data security and protection, risk assessment and risk mitigation; manages complex audits both internally and externally including third party vendor audits and client-initiated IT audits; performs critical project management duties in the planning, scheduling, coordinating, reviewing and reporting of the work of IT compliance teams; and provides expertise in IT compliance standards and performance criteria, data security requirements and information technology skills.
  • Develops and maintains productive internal and external stakeholder relationships; communicates with company management, clients, carriers, vendors and other stakeholders as needed during IT compliance activities.
  • Directly interacts with clients, carriers and other external stakeholders in critical or sensitive communications regarding IT compliance and security.
  • Responds to client, carrier and legal counsel inquiries regarding IT compliance and security matters.
  • Responsible for teaching, training and coaching staff and for creating appropriate awareness programs within IT and the enterprise.
  • Develops procedures, schedules, priorities and programs for achieving IT compliance objectives and goals.
  • Recommends and executes new policies at department and enterprise level.
  • Prepares audit and compliance reports, analysis and recommendations using advanced writing skills.
  • Assesses risk factors to identify high risk areas within IT.
  • Develops risk remediation plans and manages related projects to completion.
  • Identifies and communicates changes in professional and industry standards, laws, guidelines and audit requirements to department and enterprise personnel.
  • Consults with and advises administrators, management and staff on various operational control issues related to computerized information systems as needed; attends and/or conducts internal and external meetings; and leads recruitment and hiring of IT audit, compliance and security colleagues.
  • Attends, presents and/or participates in continuing professional education classes and training courses.
  • Follows up on audit findings to ensure that management has taken corrective action(s).
  • Assists and trains other audit staff in the use of computerized audit techniques and in developing methods for review and analysis of computerized information systems.
  • Maintains a broad knowledge of state-of-the-art technology, equipment, and/or systems.
  • Conducts or supervises IT operational, compliance, financial and investigative audits as required.
  • Manages IT compliance budget.
  • Recommends and manages commitment of IT budget funds where appropriate for Compliance and Risk management purposes.
  • Performs other duties as assigned.
  • Supports the organization's quality program(s).
  • Travels as required.
  • Administers company personnel policies in all areas and follows company staffing standards and training recommendations.
  • Interviews, hires and establishes colleague performance development plans; conducts colleague performance discussions.
  • Provides support, guidance, leadership and motivation to promote maximum performance.