IT Governance - San Francisco - IEQ Capital

Description

IT Governance & Compliance Manager

IEQ Capital is a Registered Investment Advisor seeking to transform traditional wealth management. Our quest is to integrate the Intellectual and Emotional Quotient, generating exceptional investment results driven by a values-oriented culture that fosters connection and collaboration with our clients. We focus our efforts on helping clients meet their investment objectives without the distractions and limitations that can arise within much larger organizations.

The Role

IEQ Capital is seeking a proactive and detail-oriented IT Governance & Compliance Manager to oversee IT strategy, compliance, and vendor management. This individual will work closely with our Managed Service Provider, Compliance, and Finance teams to ensure seamless IT operations, regulatory compliance, and a secure, efficient IT environment while also assisting in light infrastructure and day-to-day support as needed.

Key Responsibilities

• Ensure IT operations align with SEC, FINRA, and cybersecurity compliance requirements.
• Develop and maintain IT policies, procedures, and documentation in collaboration with Compliance.
• Oversee IT audits, risk assessments, and security reviews, ensuring adherence to industry regulations and internal policies.
• Maintain the Written Information Security Program (WISP) and ensure security controls are enforced.
• Change Management & IT Governance: Review and approve non-standard software/hardware changes, distribution list modifications, and security-related requests.
• Collaborate with leadership to define the firm's IT strategy and roadmap.
• Ensure IT investments align with business objectives, compliance mandates, and security best practices.
• Evaluate and recommend new technologies to enhance security, efficiency, and compliance.
• Oversee IT projects related to security, cloud migrations, regulatory compliance, and growth.
• Lead IT projects in coordination with the MSP, including hardware refresh cycles, network upgrades, cloud migrations, and system rollouts, ensuring alignment with business goals and compliance requirements.
• Vendor & Budget Management: Oversee IT vendors, assess performance, negotiate renewals, manage SLAs, and align IT budgets with Finance.
• Serve as the primary liaison between the firm and its MSP, ensuring service levels align with business needs.
• Evaluate MSP performance and security controls through regular reviews and audits.
• Manage relationships with third-party IT vendors, overseeing contract negotiations and service level agreements (SLAs).
• Ensure vendors adhere to compliance and cybersecurity best practices.
• Support hardware procurement by coordinating with the MSP to evaluate, approve, and facilitate the acquisition of IT hardware in alignment with business needs and security requirements.
• Review and approve user tickets for change requests, ensuring compliance with security policies and IT governance standards before implementation.
• Attend weekly meetings with the MSP to review ongoing initiatives, address service performance, and align IT strategy with business objectives.
• Oversee firm-wide cybersecurity initiatives, including incident response planning and employee security awareness training.
• Ensure implementation and enforcement of identity and access management controls (e.g., Single Sign-On, Multi-Factor Authentication, role-based access control).
• Monitor and assess IT security risks, working with vendors and MSP to implement mitigation strategies.
• Facilitate regular cybersecurity training and phishing simulation programs for employees.
• Maintain and oversee the firm's IT disaster recovery (DR) and business continuity plans (BCP), ensuring regular testing and updates.
• Work with MSP and vendors to ensure backup strategies align with security and regulatory requirements.
• Collaborate with the MSP to respond to IT incidents and escalations, ensuring timely resolution and alignment with security protocols.

User Education and IT Awareness

• Implement IT training programs to ensure employees adhere to best practices in security and compliance.
• Act as an internal IT advocate, ensuring leadership and employees understand how to use IT resources securely and efficiently.

Qualifications

• 5+ years of experience in IT governance, compliance, or risk management, preferably in financial services or a regulated industry.
• Strong knowledge of network infrastructure, cybersecurity best practices, and IT governance.
• Experience working with Managed Service Providers (MSPs) and IT vendors for security, infrastructure, and cloud services.
• Familiarity with regulatory compliance frameworks (SEC, FINRA, SOC 2, WISP, etc.).
• Hands-on experience with IT budgeting, strategic planning, contract negotiations, and cost optimization.
• Ability to manage IT projects, implement process improvements, and support a fast-paced, high-growth environment.
• Strong communication and stakeholder management skills to collaborate with business leaders, compliance, and vendors.

Compensation

The salary range for this role, inclusive of base and bonus, is $120,000 - $170,000, depending on skills and experience.