Key skills
Project ManagementRisk ManagementCommunicationProblem SolvingTime ManagementPresentation Skills
About this role
Role Overview
- To manage and advance the IT security, risk and audit compliance program
- Planning, scheduling, coordinating, reviewing and reporting of the work of the department
- Supervise, coach and train staff
- Develop procedures and audit programs and policies
- Represent Sedgwick IT to clients, carriers and external stakeholders
- Assist IT management on projects as needed
- Performs advanced, specialized and/or managerial IT compliance working the areas of regulatory compliance, data security and protection, risk assessment and risk mitigation
- Manages complex audits both internally and externally including third party vendor audits and client-initiated IT audits
- Performs critical project management duties in the planning, scheduling, coordinating, reviewing and reporting of the work of IT compliance teams
- Provides expertise in IT compliance standards and performance criteria, data security requirements and information technology skills
- Develops and maintains productive internal and external stakeholder relationships
- Communicates with company management clients, carriers, vendors and other stakeholders as needed during IT compliance activities
- Directly interacts with clients, carriers and other external stakeholders in critical or sensitive communications regarding IT compliance and security
- Responds to client, carrier and legal counsel inquiries regarding IT compliance and security matters
- Responsible for teaching, training and coaching staff and for creating appropriate awareness programs within IT and the enterprise
- Develops procedures, schedules, priorities and programs for achieving IT compliance objectives and goals
- Recommends and executes new policies at department and enterprise level
- Prepares audit and compliance reports, analysis and recommendations using advanced writing skills
- Assesses risk factors to identify high risk areas within IT
- Develops risk remediation plans and manages related projects to completion
- Identifies and communicates changes in professional and industry standards, laws, guidelines and audit requirements to department and enterprise personnel
- Consults with and advises administrators, management and staff on various operational control issues related to computerized information systems as needed
- Attends and/or conducts internal and external meetings
- Leads recruitment and hiring of IT audit, compliance and security colleagues
- Attends, presents and/or participates in continuing professional education classes and training courses
- Follows up on audit findings to ensure that management has taken corrective action(s)
- Assists and trains other audit staff in the use of computerized audit techniques and in developing methods for review and analysis of computerized information systems
Requirements
- Bachelor's degree from an accredited college or university required
- MBA or relevant Masters degree with a major in accounting or information technology field strongly preferred
- At least two of the following credentials required (additional credentials are preferred): Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information System Security Professional (CISSP), or Certified Information Systems Auditor (CISA) designation
- Ten (10) years of information technology, accounting or closely related industry experience or equivalent combination of education and experience required to include four (4) years project management and/or supervisory experience in a team environment.
- Excellent understanding of internal control and data security concepts and their applications
- Excellent knowledge of IT compliance frameworks (i.e. SSAE 16 and ISO 2700x frameworks at minimum)
- Excellent knowledge of IT risk management, risk mitigation, data protection and security, and investigation procedures
- Solid knowledge of Sarbanes-Oxley Act provisions and methodologies for achieving compliance
- Excellent oral and written communication, including presentation skills
- PC literate, including Microsoft Office products
- Creative and analytical approach to problem solving
- Excellent detail orientation, time management skills and organization skills
- Excellent interpersonal skills and ability to work with various levels within the organization
- Ability to maintain confidential information in professional manner
- Ability to maintain profession demeanor in times of high stress
- Ability to manage multiple projects and set priorities
- Ability to work in a team environment and independently
Benefits
- Health insurance
- Retirement plans
- Professional development opportunities