Laserfiche, a leading enterprise content management (ECM) software company, is looking for a dynamic and driven individual to coordinate third-party audits and manage the corporate risk management program. The IT Risk and Controls Manager will have an opportunity to impact the company’s growth and work on fast-paced, high-profile projects. If you have excellent communication skills and the drive to get things done, we want to hear from you!
- Manage the corporate risk management program, including performing risk assessments and managing risk remediation initiatives
- Manage and coordinate customer and third-party audits including SOC 2 and ISO 27001 certification
- Manage the business continuity management program, including performing a BIA, developing and testing BCPs and coordinating with IT on DR planning
- Collaborate with cross-functional teams to document, implement, monitor and manage IT controls
- Coordinate written responses to RFPs on IT security, controls and compliance areas
- Assist with special projects as needed for the IT Department
What You’ll Need:
- Bachelor’s degree (BA) in management information systems, IT auditing or related degree program
- Minimum of 3-5 years of experience in IT auditing or security
- Experience with third party attestations and IT controls documentation
- Experience with industry regulations (e.g., HIPAA, PCI, GLBA) and leading frameworks such as AICPA Trust Services Principles, COBIT, NIST standards (e.g., SP 800-30, SP 800-53) and ISO 27001
- Certification in IT auditing, IT risk and/or security (CISA, CISSP, CRISC, CISM) is required
- Ability to organize and prioritize projects in a fast-paced environment with minimal supervision
- Excellent written and verbal communication skills
- Prefer working in a collaborative, cross-team capacity, but with the ability to independently analyze information and solve problems
- Ability to travel 20% as needed
Click here to learn more about Life at Laserfiche.
Laserfiche complies with all Equal Opportunity and Affirmative Action regulations. Laserfiche makes all employment decisions – such as recruiting, hiring, training, promotion, compensation, professional development practices, discipline and termination – without regard to race, religion, color, national origin, ancestry, citizenship, sex, pregnancy, age, creed, physical or mental disability, medical condition, genetic characteristic, marital status, veteran status, gender identity/expression, sexual orientation or any other characteristic protected by law, except as may be permitted by law.