Job Description:
This IT Compliance External Engagements Director position will provide hands-on support for managing IT Compliance requests (Audit, SSAE16, External customer inquiries, etc.). Responsibilities include project management, issue validation, validation of testing results, preparing consolidated reporting, and risk and compliance reporting. This position will participate in enterprise risk and compliance program transformation initiatives and provide leadership for implementing and transitioning programs and processes.
• Communicate with subject matter experts to perform follow-up actions and document reported findings for assigned initiatives (Audit, SSAE16, External Inquiries, etc.)
• Maintain knowledge of planned internal audit initiatives and maintain master list of issues/action plans
• Manage audit requests, perform issue validation, and perform quality assurance on testing results
• Prepare and deliver responses prior to due dates
• Proactively review ongoing compliance needs and solicit necessary information updates to keep team’s information resources current
• Engage in special or ad-hoc IT Compliance projects
• Support the development of IT Compliance programs and processes in alignment with organization’s strategic direction
• Provide project management and program leadership, including input for process improvement, business process and data analysis, process documentation and support of relevant tools
• Support corporate and business unit teams and provide guidance in the overall execution of IT Compliance initiatives
• Provide periodic reports to the IT Compliance Leadership regarding issues and trends
• Bachelor's or master's degree in computer science, information systems, engineering, or a related discipline
• 8 years of experience in IT risk and compliance management or IT in general
• IT applications or operations experience, preferably in the insurance or financial services industry.
• Strong understanding of regulatory expectations and leading industry practices required for a large financial services/insurance institution
• Coursework/experience in business, business management and communications a plus
• Familiarity with ISO 27001, NIST 800 Series, or COBIT a plus
• Experience working with SSAE16 and federal regulators a plus
• Excellent written and verbal communications, effective interpersonal skills, good formal presentation abilities
• Certified Information Systems Security Professional (CISSP), PMP, CISM, or CRISC a plus
• Experience with Archer or other eGRC tools a plus
• Candidate must have the ability to operate with team members in multiple locations with minimal supervision and effectively communicate with both internal and external customers while displaying leadership in an interdisciplinary team.
Pass it on for a referral bonus. Not the right role for you, but know someone we should meet? Share with them to earn a $1,000 referral bonus.