Saxon Global
Controls Manager
Saxon Global, Roseland, New Jersey, us, 07068
Controls Manager needed
remote or hybrid in Roseland, NJ
6 month contract with possible extension
Description:
The Controls Manager in the Global Product & Technology Risk & Reliability group will focus on supporting the R&D team control owners with controls development, maintenance, and attestation, as well as support the R&D teams by ensuring failure response activities are driven to completion as they relate to new controls, control enforcement, or modifying the scope of the control. The Controls Manager will also support the stand-up and rollout of the integrated risk assurance program to R&D teams to support a broader understanding of the risk program and roles/responsibilities across the R&D organization.
Responsibilities:
Works with technical Control Owners to guide them through the development, maintenance, attestation and testing activities related to the security controls management process, advising the team from a technical cybersecurity, privacy, and IT controls perspectiveMaps controls to the organization's security framework, and to the appropriate testing team (ISO, SOC, PCI, Global Security, etc.)Creates and maintains templates and standard operating procedures that align to applicable policy, standard, and compliance requirementsProvides recommendations to Control Owners to increase maturity and effectivenessSupports the Control Owner(s) when control failures occur to ensure control remediations are documented and executed uponDevelops reporting and plans to ensure controls are maintained and attested to in accordance with policies and proceduresPartners with Enterprise Risk, Global Security Organization, Internal Audit, Compliance, and other key stakeholders to ensure R&D controls and control activities are aligned to the organizations risk program and processesDevelops rollout and educational strategies to strengthen the knowledge of the risk practices to the R&D organizationsPartners with Control Owner(s) to ensure quality and accuracy of control activities information in ADP's GRC toolServes as liaison between non-GPT risk roles and R&D if needed to support the risk processParticipates in the Integrated Assurance Risk (IAR) working group to represent GPT and to align GPT's risk program to the IAR goalsOther assignments may be assigned to support risk management projects and transformation effortsRequirements:
Minimum of 5 years of ITGC (cybersecurity focus preferred) experience in the risk/audit domain2 years of experience developing control procedures related to technology domains such as, product development, disaster recovery, data protection, cybersecurity, identity and access management, network management, and cloudWorking knowledge of applied industry accepted frameworks and standards for cybersecurity, privacy, and IT, such as NIST 800-53, NIST Cybersecurity Framework, ISO 27001, and SOCOne or more technical industry certifications preferred, such as the CISSP, CISA, CISM, etc.Demonstrated ability to work well in both an individual contributor and team capacity within a global teamAble to interact in a professional manner and develop relationships with individuals and teams at any level1-3 years of experience using an enterprise GRC tool, such as Archer
Required Skills : NIST frame work big plus if they built out an audit on their own GRC tool, such as Archer last four of social , and BD (month and day)Basic Qualification :Additional Skills :Background Check :YesDrug Screen :YesNotes :Selling points for candidate :Project Verification Info :Candidate must be your W2 Employee :NoExclusive to Apex :NoFace to face interview required :NoCandidate must be local :NoCandidate must be authorized to work without sponsorship :YesInterview times set :YesType of project :IntegrationMaster Job Title :OtherBranch Code :New Jersey
remote or hybrid in Roseland, NJ
6 month contract with possible extension
Description:
The Controls Manager in the Global Product & Technology Risk & Reliability group will focus on supporting the R&D team control owners with controls development, maintenance, and attestation, as well as support the R&D teams by ensuring failure response activities are driven to completion as they relate to new controls, control enforcement, or modifying the scope of the control. The Controls Manager will also support the stand-up and rollout of the integrated risk assurance program to R&D teams to support a broader understanding of the risk program and roles/responsibilities across the R&D organization.
Responsibilities:
Works with technical Control Owners to guide them through the development, maintenance, attestation and testing activities related to the security controls management process, advising the team from a technical cybersecurity, privacy, and IT controls perspectiveMaps controls to the organization's security framework, and to the appropriate testing team (ISO, SOC, PCI, Global Security, etc.)Creates and maintains templates and standard operating procedures that align to applicable policy, standard, and compliance requirementsProvides recommendations to Control Owners to increase maturity and effectivenessSupports the Control Owner(s) when control failures occur to ensure control remediations are documented and executed uponDevelops reporting and plans to ensure controls are maintained and attested to in accordance with policies and proceduresPartners with Enterprise Risk, Global Security Organization, Internal Audit, Compliance, and other key stakeholders to ensure R&D controls and control activities are aligned to the organizations risk program and processesDevelops rollout and educational strategies to strengthen the knowledge of the risk practices to the R&D organizationsPartners with Control Owner(s) to ensure quality and accuracy of control activities information in ADP's GRC toolServes as liaison between non-GPT risk roles and R&D if needed to support the risk processParticipates in the Integrated Assurance Risk (IAR) working group to represent GPT and to align GPT's risk program to the IAR goalsOther assignments may be assigned to support risk management projects and transformation effortsRequirements:
Minimum of 5 years of ITGC (cybersecurity focus preferred) experience in the risk/audit domain2 years of experience developing control procedures related to technology domains such as, product development, disaster recovery, data protection, cybersecurity, identity and access management, network management, and cloudWorking knowledge of applied industry accepted frameworks and standards for cybersecurity, privacy, and IT, such as NIST 800-53, NIST Cybersecurity Framework, ISO 27001, and SOCOne or more technical industry certifications preferred, such as the CISSP, CISA, CISM, etc.Demonstrated ability to work well in both an individual contributor and team capacity within a global teamAble to interact in a professional manner and develop relationships with individuals and teams at any level1-3 years of experience using an enterprise GRC tool, such as Archer
Required Skills : NIST frame work big plus if they built out an audit on their own GRC tool, such as Archer last four of social , and BD (month and day)Basic Qualification :Additional Skills :Background Check :YesDrug Screen :YesNotes :Selling points for candidate :Project Verification Info :Candidate must be your W2 Employee :NoExclusive to Apex :NoFace to face interview required :NoCandidate must be local :NoCandidate must be authorized to work without sponsorship :YesInterview times set :YesType of project :IntegrationMaster Job Title :OtherBranch Code :New Jersey