Senior IT Compliance Program Manager
| Field | Value |
|---|---|
| Company | Envista |
| Location | Brea, CA, USA |
| Salary | $106500 – $190000 |
| Type | Full-Time |
| Degrees | Bachelor’s |
| Experience Level | Senior |
Requirements
- Bachelor’s Degree in Computer Science or a related field highly preferred.
- 5+ years of experience in IT compliance, audit, or information security governance.
- Proven experience with compliance frameworks such as SOX, HIPAA, HITRUST, PCI-DSS, ISO 27001, GDPR, NIST CSF, and SOC 2.
- Strong understanding of internal audit processes and closure of audit findings.
- Excellent communication and collaboration skills across cross-functional and outsourced teams.
- Ability to manage multiple priorities in a fast-paced environment.
- Strong analytical and problem-solving skills.
- Experience with the full audit lifecycle (scoping, evidence collection, walkthroughs, remediation).
- Familiarity with modern IT environments (cloud-native platforms, IAM, logging, network segmentation, vulnerability management).
- Demonstrated ability to write, operationalize, and test IT controls.
Responsibilities
- Design and maintain a scalable IT compliance framework aligned with business goals, risk appetite, and regulatory mandates.
- Partner with functional teams and outsourced providers to ensure operational effectiveness of compliance controls across multiple regulatory frameworks and industry certifications.
- Act as a GRC subject matter expert, guiding product and engineering teams on compliance initiatives. Identify and remediate risks affecting product and infrastructure security.
- Independently lead routine and complex assessments/audits. Collect and review evidence to support internal and external audits.
- Deliver timely reports, metrics, and remediation strategies. Manage complex, cross-functional projects and dependencies.
- Drive improvements in the efficiency and scalability of compliance programs to support organizational growth.
- Provide leadership with actionable metrics on risk, audit issues, and remediation progress.
Preferred Qualifications
- Certifications such as CISA, CRISC, CGRC, CISSP, CIPM, or equivalent.
- Experience with GRC platforms (e.g., ServiceNow GRC, Workiva, Vanta), CSPM tools, or compliance-as-code platforms.
- Understanding of Agile/DevOps principles and their impact on compliance.
- Ability to translate complex compliance requirements into actionable guidance for technical teams.