flex Senior Manager, Risk Management and Compliance

About The Position

Requirements

• Undergraduate degree in Business, IT, Cybersecurity, Data Analytics, or related discipline—or equivalent experience/certification.
• At least 7 years of IT leadership experience , demonstrating deep technical understanding and strong stakeholder engagement skills, including:
• 5+ years in IT infrastructure risk, governance, audit, and compliance across legacy and cloud environments.
• 3+ years leading audits, compliance programs, and remediation efforts , with a strong track record of driving timely issue closure.
• Experience designing, evaluating, and advising on IT and cybersecurity controls for both cloud and on‑premises technologies.
• Experience automating governance, evidence collection, reporting, or control testing.
• At least one professional certification (CISA, CRISC, CISSP, or equivalent).
• Demonstrated success collaborating across cross‑functional, sourced, or matrixed teams to drive accountability.
• Strong analytical, problem‑solving, and prioritization skills in high‑pressure environments.
• Excellent verbal and written communication skills, with the ability to influence application, infrastructure, and senior leadership stakeholders.

Nice To Haves

• Graduate degree in a technical discipline.
• Hands‑on experience with enterprise GRC, DevSecOps, and cybersecurity platforms (e.g., ServiceNow, Jira, Confluence, Splunk, CrowdStrike).
• Experience managing or contributing to complex portfolios or programs.
• Familiarity with Scaled Agile Framework (SAFe) environments.
• Strong data analytics skills (e.g., Power BI) for metrics, dashboards, and BI‑driven insights.

Responsibilities

• Audit and Compliance Oversight and Delivery Lead enterprise‑aligned compliance operations across Global Technology, ensuring consistent delivery by application and infrastructure teams.
• Oversee tracking of active and planned compliance work, escalating delays or risks to leadership as needed.
• Support the maintenance of GT’s control inventory; ensure ownership, documentation, and evidence are complete and audit‑ready.
• Provide expert guidance on control design, implementation, and documentation quality; validate adequacy and effectiveness.
• Drive automation of evidence collection and reporting to reduce manual effort and human error.
• Provide program‑level control performance reporting to senior management, including risks, trends, and required actions.
• Serve as the central point of oversight for GT issue management - ensuring security/technology/data privacy findings, internal audit observations, and compliance gaps are actively monitored and driven to closure leveraging a risk-based approach.
• Monitor aging, overdue, and high‑risk issues daily; coordinate with application and infrastructure owners to obtain updates and enforce remediation accountability.
• Collaborate with compliance and security counterparts to validate issue context, assess risk impact, and advise on effective remediation strategies.
• Provide clear guidance to Global Technology teams on issue management expectations, lifecycle requirements, and escalation paths.
• Lead development and reporting of key issue management metrics (e.g., remediation aging, risk trends, owner performance), ensuring transparency for senior leadership and committees.
• Develop and maintain standard operating procedures, governance frameworks, and documentation that strengthen consistency in GT risk and compliance practices.
• Align GT’s risk and compliance processes with enterprise tools, platforms, and governance models.
• Lead initiatives to streamline, automate, and optimize compliance, control, and risk‑management processes across GT.
• Drive adoption of risk‑management capabilities across application and infrastructure teams through guidance, training, and continuous reinforcement.
• Lead and support GT participation in internal/external audits covering infrastructure, cybersecurity, cloud, third‑party risk, and operational domains.
• Conduct control readiness reviews by interviewing owners, reviewing evidence, identifying gaps, and preparing teams for audit engagement.
• Facilitate kickoff, status, and close‑out meetings; ensure alignment on scope, risks, timelines, and expected deliverables.
• Produce clear, fact‑based, and actionable reports for leadership, outlining control gaps, remediation steps, and risk implications.
• Support special audit projects (e.g., major system implementations, remediation assurance, automated control deployments).
• Partner with internal/external auditors, GT leadership, control owners, and process teams to ensure timely and accurate execution of audit and compliance work.
• Provide oversight to ensure technology teams consistently follow issue management, control operations, and compliance responsibilities.
• Develop leading and lagging indicators for proactive risk management.
• Build analytics‑driven dashboards and insights to support data‑informed decisions around compliance posture, issue aging, control maturity, and remediation progress.
• Identify themes and systemic issues from metrics to recommend enterprise‑level improvements.
• Set clear goals and priorities for self and team; ensure execution aligns with GT risk‑management strategy.
• Direct stakeholders in organizing, resourcing, and completing remediation and compliance projects.
• Evaluate information, identify root causes, and recommend practical solutions for long‑term risk reduction.
• Deliver timely and accurate outputs, including reports, presentations, and executive updates, with strong attention to detail.