Day to Day :
Reporting to the Director, IT Security Governance, Risk, and Compliance (GRC), based in El Segundo, CA, the IT Operational Compliance Program Associate Manager role is to manage the day-to-day operational oversight of the IT compliance program with a focus on developing and improving IT compliance programs, conducting risk assessments, and IT compliance reviews, identifying issues/areas of improvement, working with various IT teams to formulate and execute remediation plans, and reporting results to management. This position requires knowledge of, and testing practices related to; IT general controls, Application role configurations, SOD frameworks, network operating environments, network components, SAAS environments, information technology infrastructures, operating systems, servers, information security management, relational database management systems, program changes, web applications, BCP/DR, and systems development life cycles. The IT Operational Compliance Program Manager must understand and apply IT frameworks (i.e. COBIT 5), and standards (i.e. NIST, PC, SOX), and have the ability to assess security, financial, operational, and regulatory risks as they relate to the use of information technology. The IT Operational Compliance Program Manager is responsible for managing and prioritizing assignments based on the fast paced and changing environment while also ensuring high quality work product and adherence to deadlines. Strong communication, interpersonal skills, analytical abilities, and attention to detail are required.
Responsibilities :
* Assist with the development and implementation of a Global SOD cross-platform methodology.
* Assist with the development of IT compliance best practice program and advise internal management and business partners on the implementation of such program.
* Manage companywide cross-platform and individual system User Access Reviews.
* Manage companywide cross-platform SOD and individual system SOD Access Reviews.
* Using a risk-based approach, ensure appropriate IT best practice controls exist, operate effectively and that information systems follow industry and corporate standards.
* Collaborate with cross-functional teams to conduct various IT Compliance reviews (e.g., PCI, NIST, IT Policy Compliance, IT Best Practice) to identify compliance issues and areas of improvement in various IT processes and systems.
* Work with various IT teams to facilitate timely remediation of issues and implementation of recommended improvements.
* Develop and maintain documentation related to IT processes and controls.
* Assist in the development and implementation of IT compliance policies and procedures.
* Assist in the preparation and related response to external/internal audits and/or assessments.
* Stay updated on industry regulations and standards related to IT security and compliance.
* Conduct regular GAP analysis on new and updated IT controls and best practices in the industry.
* Create executive level status decks and presentations on IT Compliance Program.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
* Min 4 years' experience working in IT Security Compliance, IT Internal/External audit, or IT Consulting (i.e. Big 4 or equivalent)
* Experience in developing SOD matrices/frameworks
* Experience in performing SOD and User Access Reviews for various systems (applications, databases, network, etc.)
* Ability to collaborate with cross-functional teams to identify and address compliance issues in IT processes and systems.
* Working knowledge of common IT compliance standards (SOX, SOC1, SOC2, PCI-DSS, GDPR, COSO, COBIT, NIST, and/or ISO 27001)
* Familiarity with IT auditing tools and techniques
* Relevant IT Compliance certifications (e.g., CISSP, CISA
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.