Senior IT Risk and Compliance Manager
Illinois, United States of America
Full Time
3 hours ago
No Visa Sponsorship
Key skills
Cyber SecurityLeadershipRisk ManagementCommunication
About this role
Role Overview
- Manage cross functional teams to ensure enterprise governance and compliance initiatives align with strategic goals are met successfully, on time, and with budget.
- Manage cross functional teams to drive successful results on business required SOC 2 Type II audits that directly support revenue growth.
- Manage IPH regulatory engagements, stay abreast of future regulatory requirements and the business impact they may present.
- Manage IPH Enterprise Data Security and Governance initiatives and ensure alignment with regulatory requirements, internal policies, and industry best practice information security standards.
- Manage cross functional teams to ensure compliance with applicable regulations and business requirements (e.g., SOC 2, NYDFS, Delaware Insurance Data Security, PCI, HIPAA, GDPR) and influence executive leadership.
- Manage IPH enterprise data security and governance compliance initiatives.
- Oversee the timely and appropriate data breach communications to partners and clients.
- Create and lead cross functional teams as needed to successfully complete and submit required business partner information security questionnaires.
- Develop and manage IPH information security governance framework.
- Lead board and executive leadership compliance and governance-related initiatives.
- Develop and manage key risk indicators (KPI’s) and escalate emerging risks to leadership.
- Analyze governance, risk, and compliance data to identify trends, gaps, and improvement opportunities.
- Ability to work independently on complex enterprise GRC initiatives.
- Mentor junior team members and contribute to team development.
- Stay current with emerging GRC technologies, cybersecurity risks, and regulatory changes.
- Promote a culture of security awareness and risk-informed decision-making.
Requirements
- Master’s degree in Information Security, Information Technology Management, Risk Management, or related field.
- Professional certifications such as CISSP, CISM, CRISC, CDPSE, or CISA are preferred.
- 8+ years of experience in information security governance, risk, and compliance leadership roles.
- Strong knowledge of security frameworks and standards (e.g., SOC 2, NIST SP 800-53, ISO 27001, PCI, HIPAA) and regulatory requirements (e.g., NYDFS, Delaware Insurance Data Security, PCI, HIPAA).
- Extensive experience with enterprise GRC platforms and tools.
- Excellent analytical, communication, and leadership skills.
- Demonstrated ability to effectively manage cybersecurity audits and risk assessments to positive outcomes.
Tech Stack
- Cyber Security
Benefits
- Comprehensive full medical, dental and vision Insurance
- Basic Life Insurance at no cost to the employee
- Company paid short-term and long-term disability
- 12 weeks of 100% paid Parental Leave
- Health Savings Account (HSA)
- Flexible Spending Accounts (FSA)
- Retirement savings plan
- Personal Paid Time Off
- Paid holidays and company-wide Wellness Day off
- Paid time off to volunteer at nonprofit organizations
- Pet friendly office environment
- Commuter Benefits
- Group Pet Insurance
- On the job training and skills development
- Employee Assistance Program (EAP)