IT Compliance Manager

📋 Description

• Carry out assurance tasks associated with the annual SOX Compliance audit, concentrating specifically on IT General Controls and Vendor SOX Compliance.

• Oversee compliance initiatives for the NIS2 Directive, which includes conducting initial and ongoing gap assessments, tracking remediation efforts, and aligning supply chain security.

• Execute quarterly compliance assurance testing and ensure the maintenance of documentation that is ready for audit purposes.

• Record compliance testing evidence and outcomes, providing assurances that are ready for audit review.

• Maintain a catalog of the Management Action Plan (MAP) with specified due dates.

• Administer monthly audit Management Action Plans (MAPs), which entails timely communication regarding open MAPs and escalating risks related to meeting their agreed-upon delivery dates as necessary.

• Conduct administrative tasks within the GRC Solution pertaining to compliance activities.

• Oversee unplanned external IT audits.

• Assist the GRC Lead with internal audits focused on the CTO/CISO.

• Supervise compliance program reporting activities.

⛳️ Requirements

• A minimum of 7 years of experience in one or more of the following areas: Information Security, SOX Compliance, Internal Controls, Internal Audit, or GRC.

• At least 3 years of experience leading or managing internal and external audits (such as Sarbanes-Oxley SOX) for a publicly traded US company.

• Direct experience with EU cybersecurity regulations, particularly the NIS2 Directive.

• Familiarity with GRC tools (e.g., Archer).

• Possession of ISACA CISA and/or CISM Certifications is a significant advantage.

• Understanding of security concepts and methodologies, including risk assessments, risk & controls, policies & standards, enterprise security strategies, as well as network and cloud security.

• Practical knowledge of security and compliance frameworks such as CIS, NIST, and ISO.

• Exceptional written and verbal communication abilities, including presentation skills, with the capacity to clearly articulate issues to management and other key stakeholders.

🏝️ Benefits

• No relocation support available