Job Description :
Senior IT Compliance and Control
Role:
Governance, Compliance and Controls SME that has developed and implemented a controlled framework while working in varying industries with various technology platforms, applications
Exceptional understanding and implementation of control frameworks: COBIT, COSO, ITIL, NIST
Project Team Lead and individual contributor that can manage cross functional organizations
Superior facilitation and documentation skills with minimal re-writes
Professional that manages varying Technology Risk Control Assessments, Policy and Procedural creation
Professional that manages Governances, Risk and Controls within the following areas , but not limited to:
Access Management
Change Management
Information Security
SDLC
Configuration Management
Business Continuity and Disaster Recovery
Logging and Monitoring
Application and Infrastructure Entity level controls
Etc…
Professional that has experience within Sarbanes-Oxley testing, Regulatory compliance testing, Internal Audit, from a Governance, Risk and Compliance perspective
Professional that has developed and implemented Remediation management programs
Responsibilities:
Manage Pre-/Post-testing items related to Internal and Regulatory compliance audits, SOC -1/SOC – 2 and SOX for the technology organization
Develop and Implement a technology control framework and IT Governance to meet regulatory requirements
Assist with implementing projects to address multi-layer deficiencies and gaps
Provide oversight of the development of appropriate Policies, Procedures and Guideline documentation for technology organization
Review project artifacts to ensure that risk and mitigation conclusions are well-supported and that deliverables are of high quality
Issue Management
Communicate risk and security issues in business context (i.e. translate technical risks to
Business risks)
Position Requirements:
Bachelor’s or master’s degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline
CISA, CISSP, or CISM,CGEIT and ITIL certification - preferred
A minimum of 8 + years of experience working as an IT Governance, Compliance and Controls professional
Mastery of the following IT risk skills: understanding risks in a complex IT environment, recognizing key controls, planning and reviewing appropriate testing of IT controls, drawing correct conclusions and reporting to management
Knowledge of technical security and control standards, tools, and techniques is preferred
Strong meeting facilitation, presentation, report-writing, and problem solving skills
Proven ability to exceed deadlines, manage milestones and budgets for multiple concurrent projects