RIT Solutions, Inc.

IT Manager - Controls & Risk Management

RIT Solutions, Inc., San Francisco, California, United States, 94199


Title: IT Manager - Controls & Risk Management
Location: Westborough, Massachusetts
Duration: 6-12+ Months

MUST HAVE: GOOD WORK HISTORY

MetroWest / Hybrid: Tuesday, Wednesday and Thursday

Our client is a leading publicly traded technology operator. They are recruiting a Manager of Controls and Risk Management to bolster their Information Security group. This team supports the control framework globally (ISO 27001/27002, Sarbanes-Oxley and Payment Card Industry compliance, to name a few) and enhances the information security and risk management program.

Scope of Role:

- Manage the IT control framework globally and drive the design and implementation of SOX controls.
- Conduct and monitor third-party system certifications and conduct security and privacy impact assessments for existing and new initiatives across the Company.
- Implement/update GRC tools within the department to further the visibility of controls and the access review process, resulting in more efficient processes throughout the Company.
- Perform issue analysis and risk mitigation procedures in coordination with management.
- Provide guidance and coaching to control owners globally on audit methodology and evidence requirements, improving the audit experience for internal and external auditors.
- Oversee access reviews, SOC I/II reviews, and security policies.
- Run various trainings promoting awareness of cybersecurity, governance, risk, and compliance.

Qualifications:

- Bachelor's degree in Information Systems, Accounting or Computer Science, or equivalent work experience required.
- 5 plus years of IT, information security, or IT audit experience required.
- Experience with IT general controls, information security, and privacy regulations strongly preferred.
- Experience developing, documenting, and maintaining security and/or privacy frameworks, standards, and controls preferred.
- Knowledge of risk management and assessment methods and technologies and/or audit experience required.
- Knowledge of Sarbanes-Oxley required.
- Knowledge of Information Security Standards (e.g., ISO 27001/27002, NIST) and Data Privacy Compliance Regulations (e.g., GDPR, CCPA, HIPAA, etc.) preferred.

Why is This a Great Opportunity

This opportunity will be attractive to an information technology professional who enjoys leveraging their technical skills to deal with the challenging and changing risk and control issues faced by a complex organization. You may be a strong performer in a consulting firm and/or currently in another organization looking for a new challenge. Prior experience in a large complex organization is a must.