IT Compliance Manager

  • location: Fort Mill, SC
  • type: Contract
  • salary: $50 - $63 per hour

job description

IT Compliance Manager

job summary:
JOB TITLE - IT Compliance Manager

POSITION OVERVIEW - Individuals within the IT Compliance Management role are responsible for ensuring that the organization accomplishes its objectives by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of IT risk management, IT control and governance processes. Persons in this role will be a primary resource for driving adherence to compliance and regulatory IT controls.

- They will lead projects to implement the Enterprise IT Compliance Program, identify gaps, and recommend risk mitigation alternatives to management.

- They will assist in the development of continuous monitoring controls to assess the IT control environment and its effectiveness against the IT Corporate Compliance Standards.

- Partner with the Corporate Compliance team to provide guidance and enhancements of control adjustments based on industry or corporate standards.

- Members of this role need to have an understanding of software development life cycles, SOX controls, security principles, process design, and a strong knowledge of compliance management.

- They must be able to understand business requirements, technical specifications and change management documentation in order to audit work products against standards.

- They must also be highly skilled communicators who can both provide training to delivery teams and clearly define where practice diverges from standards and recommend remediation.

- The resource in this role will work on multiple projects as a compliance team leader or advisor.

- They will work on projects that have system-wide impact, integrating across the organization and involving multiple technical environments and disciplines.

- The IT Compliance Manager II identifies and communicates how IT solutions can support the achievement of short- and long-range IT Compliance goals.

PRIMARY DUTIES AND RESPONSIBILITIES:

- Lead the identification and documentation of the company's IT General Controls (ITGC).

- Collaborate with control owners to design, document and implement IT control points.

- Manage discussions with external and client auditors as part of required reviews of our IT Compliance Controls. Must be able to accurately communicate our controls strategy and how IT controls operate.

- Prepare a report of risks and mitigations, and review it with project leadership.

- Provide controls guidance to IT and the business to facilitate operational effectiveness and ensure compliance requirements are met.

- Utilize sound judgment to identify and assess risk, materiality, and adequacy of audit evidence, compensating controls, and significance of findings.

- Collaborate effectively and on an ongoing basis with all constituents involved in ITGCs.

- Review progress toward the ITGC plan regularly with IT process and control owners, and auditors to enhance the plan as necessary.

- Build trusted working relationships with the enterprise Finance, Legal, Audit and Corporate Compliance groups to support Internal and External Audits, and to ensure the understanding and acceptance of audit issues regarding business risks and controls.

- Implement reviews of controls programs that are required to mitigate compliance risks and vulnerabilities, and work with appropriate stakeholders to address and enhance as appropriate.

- Assist external compliance initiatives that may include SOX, PCI DSS, HIPAA, and other compliance programs, including the coordination of auditors interfacing with IT staff, guidance for appropriate remediation actions for findings, communication and escalation of remediation.

- Stay current with latest changes in external compliance initiatives that may affect the organization's compliance with external requirements.

- Assist internal and external auditors in compliance reviews.

- Manage and prepare clear, detailed and accurate compliance documentation including narratives, control descriptions, risk control matrices, test programs, and performance metrics.

- Diagnose findings and prepare internal controls reports and presentations to senior management.

- Establish and communicate timelines, requirements and issues with management in a professional and timely manner.

- Accurately and consistently respond to client requests for information related to ITGCs.

- Report items and action plans as part of program deliverables.

- Escalate key control risks and issues to management in a professional manner.

- Adhere to policies, procedures and standards.

- Evaluate business process efficiencies and risks to make recommendations on application of testing standards.

- Evaluate and make compliance recommendations on standards within enterprise-wide processes such as change and release management.

- Suggest and influence process improvements and act as a change agent for the organization.

- Work with IT and enterprise leadership to establish key performance metrics for IT.

- Provide mentoring to team members.

- Recommend training programs targeting specific areas of improvement.

- Lead evaluation of control frameworks, regulations and certifications, providing analysis based on findings.

- Lead individual or group feasibility studies to evaluate tools, define acceptance criteria, report findings and participate in implementation decisions. Review and provide feedback on vendor proposals for new service, hardware and software.

- Participate in evaluation of acquired solutions and provide findings on control risks.

MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:

- Ability to interpret policy based on facts and recommend proper course of action

- Ability to work within a team environment

- Skilled at interacting with internal and external personnel

- Strong interpersonal and analytical skills

- Strong organizational and oral/written communication skills

- High degree of literacy with system processes and internal controls

- Comfortable working with management, and ability to work independently on projects and direct assigned staff

- Extensive exposure to IT-related operations, including: system development project management methodologies and practices; IT operations, IT planning, management and organization; and other general application-specific control principles and risk

- Working knowledge of Sarbanes-Oxley, COSO and COBIT frameworks

- Experience with SOCx, PCI and/or URAC certification

EXPERIENCE AND EDUCATIONAL REQUIREMENTS:

- Bachelor's Degree in Computer Science, Information Systems, Business Administration or other related field, or equivalent work experience.

- Minimum 7 years IT compliance or audit experience, including supervisory experience working for a large company.

- Must have a professional certification (CPA, CIA, or CISA).

- Knowledge of 2 or more industry regulations, standards and certifications around PCI, HIPAA, URAC or FDA regulations such as 21 CFR Part 11 and GxP.

*** ADDITIONAL MUST HAVES FROM MGR ***

- Verbal and written communication skills as this is customer facing.

- Minimum 7 years IT compliance or audit experience.

- Working knowledge of IT Controls.

- Experience talking to auditors.

 
location: Fort Mill, South Carolina
job type: Contract
salary: $50 - 63 per hour
work hours: 9am to 5pm
education: Bachelors
 

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
