Essential Functions:
- Formulates strategy for delivering compliance programs including, but not limited to, planning, execution, reporting and follow-up.
- Collaborates with IT and cross-functional teams during all phases of a compliance review to ensure appropriate coverage.
- Executes on all aspects of the compliance program, including planning, risk assessment, walkthroughs, and controls validation.
- Applies concepts of risk assessment and professional skepticism when assessing adequacy of controls.
- Constructs corrective action plans for resolution of control weaknesses and provides expert guidance on how to avoid and prevent similar situations in the future.
- Develops relationships with functional areas. Collaborates and influences management to implement change that will improve the company's security and compliance posture.
- Ensures key deliverables adhere to high quality standards.
- Tracks and monitors action plans against agreed-upon timelines directly with IT/Business partners.
- Prepares and presents compliance status reports for internal management and regulatory agencies as required.
- Partners with Legal for interpretation of data privacy laws and regulations, their specific impact on data and technologies, and implementation guidelines.
- Ensures that program milestones/goals are met within approved budgets.
- Develops information security policies and procedures.
- Maintains compliance documentation, information security policies and procedures, and ensures they align (and evolve) with regulations and security best practices.
- Actively participates, contributes and works with other compliance team members for the delivery or improvement of compliance programs.
- Mentors and trains team members. Assigns and coordinates work as needed.
- Performs other related duties and projects as business needs require at the direction of management.
Education and Experience:
- Bachelor’s degree or equivalent in related field.
- Minimum five (5) years of Information Security and Compliance experience or IT Audit experience, or any equivalent education and/or experience from which comparable knowledge, skills and abilities have been demonstrated/achieved.
- Previous program/project management experience.
- CISA, CRISC, Security+, CISSP or similar certification is nice to have.
Pay Range: $92,000.00 - 135,000.00/yr