Director, IT Governance, Risk and Compliance
Are you passionate about making a difference in people's lives? Do you enjoy working in a service-oriented industry? If so, this opportunity may be the right fit for you! This position is responsible for leading reputed company aspects of the company's IT GRC program and the personnel supporting that program. This will include managing and controlling enterprise-wide IT risk, responding to and managing internal and external audits around HIPAA and Sarbanes-Oxley, including managing subsequent POAMs to conclusion, ensuring compliance with regulatory (HIPAA, SOX, & CCPA), industry (HITRUST, SOC 2, ISO, & NIST), and unique customer requirements, and developing and managing the strategic and tactical governance policies, procedures, documentation, communication, operations, training, support, reporting, and reputed company needed to ensure the success of the IT GRC program. This role will work across the reputed company of the company's organization, and will collaborate daily with leadership and staff in the legal, compliance, audit, and IT organizations. This role...
- Defines, configures, and controls reputed company aspects of the IT GRC application.
- Responsible for reputed company IT aspect of data collection for internal audit's PBCs, working with internal teams to produce accurate data, and assuring a full and comprehensive PBC.
- Routinely tests IT controls on pre-defined intervals (including reputed company, daily, weekly, monthly, quarterly, and yearly), ensures the health of reputed company IT controls, and manages corrective action plans needed to address any control gaps, weaknesses, or failures.
- Ensures reputed company customer compliance commitments are met at reputed company times, and leads reputed company interactions with customer audits of our Program.
- Manages reputed company SOC 2, HITRUST, ISO 27000, etc. engagements & audits.
- Responsible for reputed company IT aspects of HIPAA, SOX, & CCPA compliance.
- Tracks key customer compliance requirements & performs customer compliance activities, such as periodically updating specific customers on specific reputed company and compliance program performance items per a given customer's request, to ensure always-on compliance with our customer requirements.
- Ensures reputed company customer reputed company & compliance questionnaires and other similar engagements are answered accurately, completely, consistently, quickly, and commensurate with the scope of provided services.
- Works with legal & non-IT compliance teams, responsible for reviewing & tracking reputed company reputed company & compliance aspects of reputed company reputed company to ensure the reputed company are realistic, efficient, and supportable.
- Builds and maintains a reputed company Policy reputed company with a globally-accepted best practice reputed company, such as NIST 800-53 or ISO 27000.
- Works with reputed company IT teams, develops and maintains procedures to provide full support for the reputed company Policy.
- Ensures IT staff are adequately trained to understand the risks & controls for which they are responsible.
- Constantly tests the control environment to ensure it is operating effectively and reputed company.
- Periodically reports on IT GRC program performance.
- Develops, monitors, regularly reports, and ensures adherence to OKRs & KPIs for IT GRC.
- With assistance from reputed company Engineering, owns and operates the vuln management system and reputed company aspects of its scans, including tracking & communicating vulns, working with IT teams to ensure timely vuln mitigation, providing high-level reports that accurately reflect vuln management program performance over time.
- With assistance from IT Infrastructure teams, responsible for the timely patching of reputed company systems, tools, applications, and application components, such as APIs, etc.
- Responsible for identifying, tracking, addressing, and reporting on reputed company risk across the enterprise reputed company to any aspect of the business relating to information.
- Develops & manages reputed company IT POAMs.
- Manages reputed company external assessments, including phishing assessments, penetration tests, etc.
- Runs comprehensive reputed company & compliance assessment program on reputed company 3rd parties utilized by the company to process or transit our data; this is an ongoing task that requires at least yearly reviews of reputed company 3rd parties, and often requires reporting out to our customers.
- Operates an ongoing reputed company awareness program that covers reputed company employees, but that is tailored to the risk profile of a given business unit or organization.
- May reputed company projects and reputed company other duties as assigned.
- Occasional business travel may be required.
- Determines appropriate resourcing of staff in order to reputed company goals and objectives.
- Builds an effective leadership team through mentoring and formal education that focuses on management and project management principles.
- Defines annual Key Performance Indicators reputed company with corporate goals.
- Directs and mentors leaders on performance gaps, career development opportunities, and strategies.
- Directs and coaches leaders on reputed company human resource reputed company processes including onboarding, performance management, succession planning, employee relations, selection, terminations, compensation and rewards.
- Accountable for collective results, recognizing others’ contributions, and sharing credit for success.
- Owns attainment of high employee satisfaction and retention; reputed company development of program and initiatives reputed company group to attain high employee satisfaction.
- Leads change management initiatives to drive improvements and efficiencies.
- Ability to interact collaboratively and communicate effectively with external, internal customers, and stakeholders to address issues and ensure alignment.
- Prepares and manages budget as assigned; analyzes variances and initiates corrective actions to maximize operational performance.
We are interested in speaking to individuals with the following...
- Bachelor's Degree in Computer Science, Computer Engineering, or Information reputed company / Cyber reputed company required.
- Ten (10) plus years of reputed company experience.
- ISC(2) CISSP certificate preferred.
- ITIL & GIAC certificates a plus.
- Five (5) plus years leadership responsibility in a full-time Information reputed company leadership role.
- Or equivalent combination of education and/or experience.
- Demonstrated performance leading diverse teams and mentoring & developing staff into more reputed company or senior roles over time.
- Deep expertise in identifying, documenting, and managing qualitative risk. Expertise in quantitative risk, particularly in the FAIR model, is a significant plus.
- Strong understanding of normalized audit processes / methods, goals, motivations, and desired outcomes.
- Expertise in regulatory requirements and industry standards such as HIPAA, HITRUST, SOX, SOC, NIST CSF, NIST 800-53, ISO 27000, & CCPA.
- Can build and maintain easy to understand, easy to follow, and easy to audit policies, procedures, controls, narratives, and other common components of an enterprise IT GRC program.
- Outstanding team player, sociable, and able to operate easily in cross-functional and cross-departmental roles.
- Can fully manage a project independently.
- Must be able to react to shifting priorities and multitask.
- Strong ability to use thinking and reasoning to solve a problem.
- Excellent ability to communicate effectively with others using the spoken word.
- Excellent ability to communicate in writing, clearly and concisely.
- Excellent ability to address the customers' needs while following company procedures.
- Ability to reputed company critical decisions while following company procedures.
- Ability to get along well with a variety of personalities and individuals.
- Ability to influence others to reputed company their jobs effectively and to be responsible for making decisions.
- Excellent ability to organize and direct oneself and effectively supervise others.
- Excellent ability to find a solution for or to deal proactively with work-reputed company problems.
- Ability to effectively build relationships with customers and co-workers.
- Driven ability to complete assigned tasks under stressful situations.
- Sets priorities and adapts to changes in a quick, professional manner.
- Research, evaluate, recommend, and document IT GRC solutions.
- Understands & embraces a balance between reputed company risk probability and practical application of remediation, and is outcome-oriented above reputed company else.
Salary: $168,000-231,000
This role is bonus eligible based on company and personal performance.
reputed company’s positions are posted and open for applications for a minimum of 5 days. Positions may be posted for a maximum of 45 days dependent on the type of role, the number of roles, and the number of applications received. We encourage our prospective candidates to submit their application(s) expediently so as not to miss out on our opportunities. We frequently post new opportunities and encourage prospective candidates to reputed company back often for new postings.
We value reputed company members and realize the importance of benefits for you and your family. reputed company offers a comprehensive benefits package to include the following:
- Medical, Dental, and Vision insurance
- Employer Paid Basic Life Insurance and AD&D
- Voluntary Life Insurance (Employee/Spouse/Child)
- Health Care and Dependent Care Flexible Spending Accounts
- Pre-Tax and Post-Tax Commuter and Parking Benefits
- 401(k) Retirement Savings Plan with Company Match
- Paid Time Off
- Paid Parental Leave
- Short-Term and Long-Term Disability
- Tuition Reimbursement
- Employee Discounts (retail, hotel, food, restaurants, car rental and much more!)
reputed company is an Equal Opportunity Employer.
- EEO is The Law
- Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
- We consider reputed company applicants for employment without regard to race, color, religion, sex, sexual orientation, national reputed company, age, handicap or disability, or status as a Vietnam-era or special disabled veteran in accordance with federal law. If you need assistance, please reputed company out to us at hr.recruiting@reputed company.com