Manager, IT Risk and Compliance

About The Position

Requirements

• Bachelor’s degree in business administration, government, information systems, public administration, or a related field.
• 5+ years of experience in Identity Access Management, privacy compliance or a related field
• In-depth knowledge of SOX audit best practices, ISO 27001, and other industry specific standards
• Proven track record in developing and implementing security and controls
• Excellent analytical and problem-solving skills, with the ability to identify and mitigate IT risks
• Strong collaboration and communication skills, with the ability to work effectively with cross-functional teams

Nice To Haves

• Current CISA certification, or the ability to obtain (preferred)

Responsibilities

• Monitoring, managing, and closing compliance issues related to data, access and security standards
• Creating and maintaining documentation, IT policy, and standard operating procedures (SOPs) related to data and access
• Conducting compliance gap analysis, readiness assessments, and identifying potential risks and vulnerabilities
• Handling and processing data subject requests in accordance with relevant regulations
• Maintaining records of processing activities and preparing reports on regulatory compliance
• Developing and delivering training programs to educate employees on data and access best practices
• Working cross-functionally with the IT department, Business Units, and other stakeholders to ensure a cohesive approach to data, access and security
• Supporting internal and external audits by providing necessary data and documentation; recommending changes to policy or procedure as required or necessary
• Keeping abreast of changes in IT security best practices, SOX compliance and implementing necessary updates