As the Technical Director of IT Governance, Risk, and Compliance you will be a decision maker for driving compliance readiness throughout AOL Technologies, providing timely, efficient, results-oriented and professional advice on a broad range of activities involving governance, risk management and compliance. You will be responsible for managing issues relating to technology, audits, and contracts. Emphasis on the practical application of standards and regulatory requirements and developing an effective compliance program and the soft skills required to cultivate effective relationships with operations, business stakeholders, peers, senior management and executive leadership.
In addition, you???d provide company-wide direction in areas of technology policy and related activities. This role is a member of the IT Security Leadership team and provides technical vision and hands-on management of day-to-day tactical activities and long-term strategic direction for all technology-related compliance direction. We???re looking for an effective industry leader who ensures that AOL???s Technologies and business stakeholders understand the risk we should take, managing those risks successfully, and ensuring they understand the approach.
Desired Skills and Experience
In addition to supporting AOL???s efforts to manage risk and compliance, you would be responsible for managing a team of engineers providing application security and assurance. This team supports AOL product and development teams as they build applications and services. This includes assessing web, mobile, and enterprise applications emphasizing real-world risk, and be responsible for AOL???s vulnerability management program.
Specific areas of activities are as follows:
*Develop, implement and monitor a strategic, comprehensive technology risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by AOL Technologies.
* Responsible for the development and delivery of a comprehensive IT governance, risk and compliance program, including policies, standards and procedures; confer with key management, data custodians and business units in the development of such policies and standards validating the ability to operationally implement those controls effectively and efficiently; and oversee the dissemination AOL-wide distribution of IT policies, standards and procedures; and evaluate request for Exceptions and determining acceptance of risk for AOL.
* Advocate, explain and interpret IT policies, standards, and initiatives to promote support and enhance the effectiveness; negotiate resolutions of issues which arise in implementation of IT Controls and related procedures.
??* Ensure continuous technology compliance by testing IT controls, monitoring, identifying, reporting and conducting risk analytics to ensure AOL is taking efficient and effective steps to protect critical data. * Provide strategic and tactical technology compliance direction for IT initiatives, including the evaluation and recommendation of technical controls.
* Be the liaison addressing IT risk management and compliance issues with cross-organizational operational security teams (e.g., ITSec, Enterprise Services, and Network Ops), AOL Legal (e.g., Corporate Compliance, Privacy, etc.), AOL Finance (Internal Audit), and HR management teams, as required.
* Work directly with the business units and acquisitions to identify acceptable levels of risk, ensure the establishment of segregation of duties/roles and responsibilities, and effective IT controls are in place in regards to data classification, discovery, and protection.
* Ensure that minimum security guidelines are in place to protect sensitive credit card data to successfully achieve Payment Card Industry (PCI) Attestation annually for Domestic and EU (UK and Germany).
* Ensure Advertising Technology Systems are in compliance with and achieve Media Ratings Council (MRC) annual certification (U.S. and Germany). Conduct, validate and document test of controls to ascertain level of compliance.
* Ensure Human Resources technology controls are in effective, validated and in compliance with HIPAA technology requirements.
* Ensure that AOL IT requirements and security activities are in compliance with applicable international and domestic laws, regulations, Data Transfer Agreements, Safe Harbor, etc. to minimize or eliminate risk and findings.
* Create, implement, manage, and track (evidence verification) information risk and security management awareness training programs for all employees, contractors, and acquisitions.
* Conduct and/or facilitate the technology reviews, including reporting, solutions, and oversight of remediation efforts to address negative findings. Work with operational teams to ensure they continue to move forward with remediation commitments and deadlines.
* Work with outside entities (e.g., third parties AOL supports, third parties AOL outsources to, External Auditors) to provide technology evidence, documented exceptions, mitigating controls, and/or remediation activities underway to verify AOL???s technology compliance.
* Be the primary
Pass it on for Referral Bonus. Not the right role for you, but know someone we should meet? Share with him to earn $1,000 referral bonus.
Posts
