IT Risk and Compliance Manager


Laserfiche, a leading enterprise content management (ECM) software company, is looking for a dynamic and driven individual to coordinate third-party audits and manage the corporate risk management program. The IT Risk and Controls Manager will have an opportunity to impact the company’s growth and work on fast-paced, high-profile projects. If you have excellent communication skills and the drive to get things done, we want to hear from you!


Responsibilities Include:

  • Manage the corporate risk management program, including performing risk assessments and managing risk remediation initiatives
  • Manage and coordinate customer and third-party audits including SOC 2 and ISO 27001 certification
  • Manage the business continuity management program, including performing a BIA, developing and testing BCPs and coordinating with IT on DR planning
  • Collaborate with cross-functional teams to document, implement, monitor and manage IT controls
  • Coordinate written responses to RFPs on IT security, controls and compliance areas
  • Assist with special projects as needed for the IT Department

What You’ll Need:

  • Bachelor’s degree (BA) in management information systems, IT auditing or related degree program
  • Minimum of 3-5 years of experience in IT auditing or security
  • Experience with third-party attestations and IT controls documentation
  • Experience with industry regulations (e.g., HIPAA, PCI, GLBA) and leading frameworks such as AICPA Trust Services Principles, COBIT, NIST standards (e.g., SP 800-30, SP 800-53) and ISO 27001
  • Certification in IT auditing, IT risk and/or security (CISA, CISSP, CRISC, CISM) is required
  • Ability to organize and prioritize projects in a fast-paced environment with minimal supervision
  • Excellent written and verbal communication skills
  • Prefer working in a collaborative, cross-team capacity, but with the ability to independently analyze information and solve problems
  • Ability to travel 20% as needed

Laserfiche complies with all Equal Opportunity and Affirmative Action regulations. Laserfiche makes all employment decisions – such as recruiting, hiring, training, promotion, compensation, professional development practices, discipline and termination – without regard to race, religion, color, national origin, ancestry, citizenship, sex, pregnancy, age, creed, physical or mental disability, medical condition, genetic characteristic, marital status, veteran status, gender identity/expression, sexual orientation or any other characteristic protected by law, except as may be permitted by law.

