Mgr IT Governance Risk & Controls

RefrescoEgypt Lake-Leto, FL
13d
Match Resume

About The Position

We are seeking a highly motivated and experienced IT GRC Manager to join our team. In this role, you will be responsible for maintaining and improving our IT governance, risk, and compliance (GRC) program, with a focus on SOX compliance, application and data transfer controls, validating the completeness and accuracy of reports, third-party risk management and disaster recovery.

Requirements

  • Advanced knowledge of SOX controls and compliance; experience implementing or improving SOX
  • Strong drive and organizational skills inclusive of project and program management
  • Ability to proactively, productively manage diverse stakeholder groups
  • Excellent interpersonal and communication skills, verbal and written
  • Strong understanding of SOX requirements and IT general controls (ITGCs).
  • Ability to analyze and solve problems, results oriented
  • Able to prioritize work, and determine when necessary to switch priorities
  • Experience evaluating / governing SAP ITGCs
  • Undergraduate degree in Accounting, Information Technology, Computer Science or related technical degree required
  • Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) designation required (two or more preferred)
  • 5+ years relevant work experience in public accounting or 6+ years industry required
  • 3+ years working with SOX in the IT domain with or for a company listed on a US market required
  • 1.5+ years of IT Audit / IT GRC managerial role preferred

Nice To Haves

  • Excellent knowledge of business process risks and controls in the manufacturing or consumer sectors preferred
  • Technical expertise in ERP system design and operation
  • In-depth knowledge of IT governance frameworks (e.g., COBIT, ITIL) and risk management methodologies
  • Experience building and maintaining processes and controls around IAM tools (SailPoint ISC) would be an asset

Responsibilities

  • IT Risk Assessments:
  • Conduct comprehensive IT risk assessments, including identifying and analyzing potential threats and vulnerabilities across applications, infrastructure, and data.
  • Develop and maintain risk registers, documenting identified risks, their potential impact, and mitigation strategies.
  • Collaborate with IT and business stakeholders to prioritize and remediate identified risks.
  • Assess impact of IT changes to policies, risks, controls, and governance process (including but not limited to disaster recovery, RCM)
  • SOX Compliance:
  • Maintain and update the Risk and Control Matrix.
  • Evaluate the design and monitor the execution of management's SOX controls.
  • Participate in business process walkthroughs to identify application controls, reports, and ITGC dependencies/risks.
  • Review SOC reports and map control deficiencies to relevant IT risks.
  • Ensure all control evidence of operating effectiveness is maintained timely, with appropriate detail for all IT controls; own the development, reporting, completion of control remediation plans
  • Train and educate IT teams and control owners on the effective operation of controls
  • Application and Data Transfer Controls, Report (IPE) Validation:
  • Identify the application controls, interfaces/batch jobs and reports key to supporting SOX business processes
  • Evaluate the design and effectiveness of application controls.
  • Evaluate the design and effectiveness of controls intended to mitigate data transfer errors/incompleteness
  • Evaluate the design (completeness and accuracy) of reports used for key controls
  • Third-Party Risk Management:
  • Develop and implement a third-party risk management program.
  • Monitor and manage risks associated with third-party relationships.
  • Disaster Recovery:
  • Develop, maintain, and test the IT disaster recovery plan, inclusive of supporting audits and requests for understanding and evidence by 3rd parties
  • Cyber Security:
  • Perform cyber security posture evaluations
  • Design and execute strategies to evaluate the ICFR impact of cyber security incidents
  • Draft the appropriate disclosures regarding cyber security posture and cyber incidents and response as necessary
  • Ongoing Regulatory Compliance:
  • Ensure compliance with relevant regulations and industry standards (e.g., SOX, NIST).
  • Assist with internal and external audits.
  • Develop and deliver GRC training to IT and business stakeholders.

Benefits

  • Medical/Dental/Vision Insurance
  • Health Savings Accounts and Flexible Spending Accounts
  • Life and AD&D Insurance
  • Pet Insurance
  • Legal Benefits
  • 401(k) Savings Plan with Company Match
  • 12 Paid Holidays, Vacation, and Paid Time Off
  • Well-being Benefits
  • Discount and Total Reward Programs

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Manager

Job Search Resources

Similar Mgr IT Governance Risk & Controls job opportunities

Mgr IT Optimization & Governance
Ventura Foods
Ventura Foods • Irvine, CA5d • $135,978 - $179,184 • Hybrid
Risk Governance & Controls Specialist
Bank of Montreal
Bank of Montreal • Chicago, IL12d
Director, IT Governance, Risk, and Controls
Perella Weinberg Partners
Perella Weinberg Partners • New York, NY8d • $160,000 - $220,000
🔥 New JobSenior Manager, IT Risk Controls & Sox Governance
American Tower Africa
American Tower Africa • Boston, MA13h
IT Governance, Risk & Compliance Director
American Heart Association
American Heart Association • Dallas, TX11d • Hybrid
IT Governance & Risk Management Manager
Westinghouse Electric Company, LLC
Westinghouse Electric Company, LLC • Cranberry Township, PA9d • $130,400 - $163,000 • Hybrid
Explore More Jobs

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service