Information Technology Compliance Manager - Alameda, United States - TRUGlobal

    TRUGlobal Alameda, United States

    1 month ago

    Accounting / Finance
    Description

    The IT Compliance Manager will be an individual contributor who will oversee the Enterprise IT controls, processes, and transactions to ensure they follow all relevant regulatory, legal, and internal compliance guidelines.

    These duties will include developing, self-auditing, managing and overseeing IT controls across all domains of IT, i.e., network security, cloud security, infrastructure security, endpoint security, IAM, data security, application security, and IT/security operations; ensuring internal and regulatory compliance; working with peer teams to address any gaps; and reporting on compliance.

    Specific Duties and Responsibilities

    ● Develop the IT General Controls Framework, implement and manage an effective IT controls audit and compliance program for the enterprise across all domains of IT, and manage cybersecurity risk to the business.

    ● Responsible for self-audit without much assistance from system or service owners across all IT domains, i.e., Network, Cloud, IAM, Data, Application, IoT, IT and Security Operations/Engineering.

    ● Partner with peer teams and business where necessary, be self-reliant on security audits, reviews, evidence retrieval, engage with 3rd party auditors on testing/walk-throughs and address any security gaps.

    ● Create and manage effective action plans in response to audit discoveries and compliance violations.

    Position Qualifications

    Minimum education and experience:

    ● Bachelor's degree in computer science or related field with 10+ years of experience, or equivalent combination of education and experience

    Additional qualifications:

    ● Ability to develop an ITGC framework and to implement and manage audit, governance and compliance across all IT domains, i.e., Network, Cloud, IAM, Endpoint, Data, Applications and Operations.

    ○ ITGC Framework

    ○ Network Controls - COBIT / NIST / CSF

    ○ Cloud Controls - CSA / CASB / Cloud Access

    ○ IAM - Identity Access Management - ISO 27001

    ○ Endpoint Controls

    ○ Data Controls

    ○ Application Controls

    ○ Operation Controls

    ● 10+ years' hands-on experience preferred in developing, implementing and managing enterprise IT audit, governance and compliance framework.

    The below hands-on capability is a must to avoid failing on the job:

    ● Self-reliant and motivated, with expert-level understanding of the IT technology stack across Network, IAM, Endpoint, Data, Applications & Cloud.

    ● Fully self-reliant, hands-on capability across the IT technology stack: Network, Cloud, IAM, Endpoint, Data & Applications.

    Note: If you do not have technical hands-on capability stated below, please do not submit your resume for this role.

    Example: Given the network domain, you will be responsible to access and audit IT controls, config hardening, IAM configs, etc. across routers, switches, WLCs, etc.

    Example: Given an application domain, you will be responsible for auditing the application security stack, runtime protection, API security, etc.