Work with IT process owners to identify/improve and document detailed controls for key application, security, and infrastructure components
Provide on-going organization wide guidance on IT control requirements and impact
Facilitate requests between control owners and Internal/external audit teams and be the main point of contact with the Internal and External Audit teams
Manage and report on IT control gaps, track issues to completion, and provide recommendations for improvements
Lead in the design and implementation of efficient and effective controls within the organization
Participate in data privacy governance related activities such as data mapping and data privacy assessments
Manage the response for IT-related customer security assessments
Proactively identify IT control gaps with a focus on automating control reviews wherever possible
Manage access recertification process

5+ years of combined experience in the fields of Information Systems audit, IT security, IT governance, IT risk & IT compliance
In-depth knowledge and experience with Sarbanes-Oxley, PCI-DSS, ISO 27001, SOC 2 and the NYDFS Cybersecurity Regulation
Working Knowledge of Windows Operating System and Active Directory Security including Users and Groups, Group Policy, Domain Structures, Security and Auditing
Working knowledge of agile development methodology
Working knowledge of DevOps practices and technologies
Desire to measure and continuously improve in all areas and facets
Demonstrated ability to balance short term tactical wins with longer-term strategic solutions
Transformative mindset and experience operating as a change agent

Manager, IT Compliance

Key skills