Job Description :
Job description:
Senior IT Compliance and Control
Role:
* Governance, Compliance and Controls SME that has developed and implemented a controlled framework while working in varying industries with various technology platforms, applications
* Exceptional understanding and implementation of control frameworks: COBIT, COSO, ITIL, NIST
* Project Team Lead and individual contributor that can manage cross functional organizations
* Superior facilitation and documentation skills with minimal re-writes
* Professional that manages varying Technology Risk Control Assessments, Policy and Procedural creation
* Professional that manages Governances, Risk and Controls within the following areas , but not limited to:
* Access Management
* Change Management
* Information Security
* SDLC
* Configuration Management
* Business Continuity and Disaster Recovery
* Logging and Monitoring
* Application and Infrastructure Entity level controls
* Etc.
* Professional that has experience within Sarbanes-Oxley testing, Regulatory compliance testing, Internal Audit, from a Governance, Risk and Compliance perspective
* Professional that has developed and implemented Remediation management programs
Responsibilities:
* Manage Pre-/Post-testing items related to Internal and Regulatory compliance audits, SOC -1/SOC - 2 and SOX for the technology organization
* Develop and Implement a technology control framework and IT Governance to meet regulatory requirements
* Assist with implementing projects to address multi-layer deficiencies and gaps
* Provide oversight of the development of appropriate Policies, Procedures and Guideline documentation for technology organization
* Review project artifacts to ensure that risk and mitigation conclusions are well-supported and that deliverables are of high quality
* Issue Management
* Communicate risk and security issues in business context (i.e. translate technical risks to
Business risks)
Position Requirements:
* Bachelor''s or master''s degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
* CISA, CISSP, or CISM,CGEIT and ITIL certification - preferred
* A minimum of 8 + years of experience working as an IT Governance, Compliance and Controls professional
* Mastery of the following IT risk skills: understanding risks in a complex IT environment, recognizing key controls, planning and reviewing appropriate testing of IT controls, drawing correct conclusions and reporting to management
* Knowledge of technical security and control standards, tools, and techniques is preferred
* Strong meeting facilitation, presentation, report-writing, and problem solving skills
* Proven ability to exceed deadlines, manage milestones and budgets for multiple concurrent projects