IT Compliance Manager


Own all compliance processes, partnering with IT, Security, Engineering, Internal Audit and external audit teams to ensure our processes and solutions comply with existing and future regulations. Support a risk-driven approach to make valuable recommendations on the standardization of processes and controls, and to influence changes and decisions.

Key Responsibilities:

Contribute to a sustainable IT control environment through involvement in key IT control activities:

  • Coordinate with internal and external audit to facilitate audit requirements
  • Orchestration of monthly, quarterly, and annual review activities
  • Drive the remediation of IT control deficiencies
  • Contribute to the continued development of internal controls awareness within the organization
  • Facilitation of IT SOX policies, narratives, and control self-assessment documentation
  • Create and maintain IT control documentation and knowledge repository
  • Continuously improve integration of internal controls in various IT environments
  • Develop recommendations to improve the IT internal control environment
  • Participation in IT risk assessment activities across the organization, including 3rd party risk assessments
  • Assist in identification and implementation of activities to increase the efficiency and effectiveness
  • Participate in risk management, compliance, and internal control initiatives as needed
  • Perform gap and readiness assessments for compliance obligations focused on security (e.g. PCI-DSS, ISO 27001, SOC 1, SOC 2, etc.)
  • Support Company Policy creation, assessment and enforcement


  • Bachelor’s Degree
  • Effective communication and presentation skills
  • Highly independent, with high ethical standards and integrity
  • Experience in program or project management
  • Experience and working knowledge of security related technology (e.g. Identity Management tools, Firewalls, etc.)
  • 5+ years of experience performing IT Audit/IT Compliance assessments/Gap assessments, ideally for Sarbanes-Oxley, PCI-DSS, ISO 27001, SSAE 16/ISAE 3402/SOC 1, SOC 2 or NIST 800
  • In-depth knowledge and experience of Sarbanes-Oxley, PCI-DSS, ISO 27001, SSAE 16/ISAE 3402/SOC 1, or SOC 2
  • Experience with privacy requirements, such as Privacy Shield and related security and privacy policies, processes, and regulations, is an advantage
  • Experience dealing with all levels of management and across different teams, including managing conflicts
  • Exposure to cloud environment security standards and implementation
  • 5-8 years of internal controls, audit, information security, or technology process experience
  • Experience with compliance and/or control frameworks and standards
  • Experience with ISO 27001, PCI DSS and Sarbanes-Oxley compliance
  • Experience in implementing industry leading practices
  • Big 4 experience preferred
  • Evidence of Exceptional Ability


