Sr. Manager, IT Governance & Risk Compliance

Crane Co.•Stamford, CT

56d

About The Position

The Sr. Manager, IT Governance & Risk Compliance is responsible to identify, develop, coordinate and monitor Information Technology controls to ensure oversight and compliance with regulatory, audit and contracting requirements. Responsible for communicating risk management plans to Managers, Directors and VPs across the enterprise and conduct/participate in risk, threat & vulnerability studies as well as impact assessments. This role is also responsible to support disaster recovery programs, ensuring timely recovery following an interruption in service caused by a system outage or declared disaster. Core Function: Identify, monitor, plan and coordinate teams responsible for validating effectiveness of security, governance, risk, and compliance programs. Align the planning and execution of IT and audit, while ensuring quality and adherence to adopted standard methodologies. Develop and conduct guidance for advisory reviews related to systems implementations, strategies, mergers, acquisitions, instances of fraud and service interruptions. Contribute to a sustainable IT general control environment, through involvement in key IT internal control activities. Coordinate with the Business Units to align controls with company policies, trends, and best practices. Organize with internal and external audit to facilitate audit requirements as it relates to policies, narratives, and self-assessment documentation. Participate in risk assessment activities across the IT organization, including 3rd party technical risk assessments. Participate in risk management, compliance, and internal control initiatives as needed. Serve as a subject matter expert, to help facilitate the identification and assessment of IT risks and to improve the effectiveness and efficiency of internal controls. Identify and makes recommendations regarding the implementation of technology-based tools to support risk mitigation initiatives.

Requirements

Bachelor's degree in a related area such as; Computer Science or Information Technology.
Experience in the following IT compliance framework standards: COSO, ISO27001, PCI-DSS, COBIT, and ITIL.
Strong risk assessment/audit capabilities with hands on experience in many technologies and platforms across a broad range of industries.
Experience in the following IT compliance framework standards: COSO, ISO27001, PCI-DSS, COBIT, and ITIL.
Strong risk assessment/audit capabilities with hands on experience in many technologies and platforms across a broad range of industries.

Nice To Haves

Strongly recommend one or more of the following risk-related industry-standard qualifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) and Certificate of the Business Continuity Institute (CBCI).

Responsibilities

Directly responsible for global procedures and controls to assure compliance with applicable regulatory, audit and contract requirements, as well as good business practices.
Oversee IT compliance policies, standards, guidelines and baselines. Identify variances and jointly develop action plans with business unit leadership to remediate.
Establish and oversee formal risk analysis and self-assessments program for systems and processes.
Develop and implement continuity programs and risk mitigation actions in support of disaster recovery and system life cycle management.
Develop, implement and monitor compliance programs to enforce ITAR/DFAR, PCI, various privacy laws as well as contract, licensing and usage requirements.
Liaise with Internal Audit, Corporate Compliance, General Counsel and Business Unit leadership on all compliance efforts and projects.
Be the IT subject matter expert on IT related compliance and legal trends through training, research and development to mitigate potential exposures.
Train other staff, business units and external clients as necessary.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume