Sr. Manager of IT Compliance

Sr. Manager of IT Compliance

Requirements

• Bachelor’s degree in information technology, Computer Science, or a related field. Master’s degree preferred.
• 10+ years of experience in IT audit, compliance, or risk management, with a strong focus on SOX compliance.
• In-depth knowledge of SOX requirements, COBIT, ITIL, and other relevant IT governance frameworks.
• Working knowledge, understanding and experience with ERP platforms (Oracle, SAP, etc.).
• Exceptional understanding of IT infrastructure, systems, and processes.
• Strong analytical and critical thinking skills with attention to detail.
• Excellent written and verbal communication skills.
• Ability to work independently and as part of a team in a challenging environment.
• Proficiency in Microsoft Office suite and relevant compliance management tool.

Responsibilities

• Lead and coordinate SOX compliance efforts for IT-related controls and processes.
• Develop, implement, and maintain IT policies, procedures, and controls to ensure SOX and ISO27001 compliance.
• Conduct risk assessments and identify areas of potential non-compliance within IT systems and processes.
• Design and execute tests of IT controls to evaluate their effectiveness and efficiency.
• Collaborate with internal and external auditors during audits and provide necessary documentation and evidence.
• Monitor and analyze changes in regulations and industry best practices to ensure ongoing compliance.
• Provide guidance and training to IT staff on compliance requirements and best practices.
• Prepare detailed reports on compliance status, control deficiencies, and remediation plans for management and auditors.
• Work closely with cross-functional teams to implement and maintain IT controls across the organization.
• Assist in the development and maintenance of IT governance frameworks and risk management strategies.
• Act as primary point of contact for audits, facilitate written IT responses to audit findings, and develop action plans with key IT stakeholders.
• Provide consultative support to IT teams to identify opportunities for control improvements.
• Maintain centralized document repository to control evidence requirements and ensure timely submission of appropriate evidence.
• Prepare teams for upcoming audits by researching topics and providing guidance on best practices.
• Manage documentation of IT General and Application controls, updating as needed.
• Assist with developing and verifying completion of remediation plans for control deficiencies.
• Participate in and lead teams in ad hoc assignments.
• Manage IT policy governance to ensure inventory is up-to-date and documentation is current and auditable.
• Ensure successful implementation and execution of ISO27001 controls to maintain certification.

Preferred Qualifications

No preferred qualifications provided.