Director, IT Compliance - Richmond, United States - Apex Systems


    DIRECTOR, IT COMPLIANCE

    WHO WE ARE

    Apex Systems is a world-class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients' digital visions. We provide a continuum of services, including strategy and enablement, innovation and productivity, and technology foundations to drive better results and bring more value to our clients. Apex transforms our customers with modern enterprise solutions tailored to the industries we serve. Apex has a presence in over 70 markets across North America, Europe, and India. Apex is a segment of ASGN Inc. (NYSE: ASGN).

    At Apex Systems, we prioritize professional development, work-life balance, and fostering a collaborative culture. We value our team's well-being and recognize the importance of building strong relationships. That's why we organize regular team-building events and philanthropic days to give back to the community - fostering a sense of purpose and fulfillment among our team.

    Join us for career advancement, innovative solutions, and a supportive environment focused on your success.

    JOB DESCRIPTION

    The Director, IT Compliance reports to the CIO and leads the compliance and internal controls team, which is responsible for establishing internal controls, policies, and standards, and ensures the Company's:


    • IT internal controls are adequate, appropriately designed, and operating effectively


    • Compliance with all relevant IT regulations, policies, standards, certifications, and contracts


    • IT-related audits are completed timely, efficiently, and with no exceptions

    To be successful in this role, you will have strong relationships and good communication with other leaders within the CIO Group as well as the CFO, CHRO, and other executive level business partners within Apex and its parent company, as well as with internal and external auditors.

    RESPONSIBILITIES:

    Ensuring Adequate and Effective IT Internal Controls

    The Director of IT Compliance will establish and maintain a best-in-class, risk-based, IT internal control environment and oversee the design, implementation, and ongoing effectiveness of internal controls for IT applications, infrastructure, processes, and data. This includes assessing existing IT controls through self-assessments, identifying gaps, and implementing improvements, such as automating manual controls, to enhance effectiveness.

    Working closely with IT management, internal audit teams, and other business stakeholders, the Director will ensure that IT controls align with control objectives, regulatory requirements, and industry best practices. Regular monitoring and self-testing will be conducted to mitigate risks and support internal controls over financial reporting (ICFR).

    Additionally, the Director will lead efforts to create and maintain current documentation of IT control frameworks, policies, standards, procedures, and process narratives. Further, the Director will establish standards and protocols for documenting and preserving evidence of control performance.

    Ensuring Compliance with IT Regulations, Policies, and Standards

    The IT Compliance Director plays a crucial role in fostering a culture of compliance within Apex, overseeing the development and maintenance of IT compliance programs, training initiatives, and awareness campaigns. The position is instrumental in meeting and surpassing compliance requirements and certifications, both current and future.

    The IT Compliance Director is accountable for ensuring Apex adheres to relevant IT regulations, laws, policies, standards, certifications, and contractual obligations, both domestically and internationally.


    • Domestic requirements include federal, state, and local regulations


    • International requirements pertain to countries where Apex Systems, LLC operates presently or in the future.

    The role includes reviewing all 3rd and 4th party contracts and requirements to ensure alignment with customer needs and Apex's standards. Additionally, the Director provides guidance and assistance with all certifications held or requested by the business, such as ISO 27001, HITRUST, NIST, CMMC, SOC1/SOC2, GDPR, and Sarbanes-Oxley (SOX) compliance.

    Given the dynamic nature of regulations, the Director must remain current with any regulatory changes and work closely with legal, compliance, and internal audit teams to interpret and implement IT regulations and standards effectively. The Director also ensures the timely renewal of certifications, which is determined by the certification body. Additionally, the IT Compliance Director supports the head of IT Security with the Disaster Recovery program and assists the business with the Business Continuity Program.

    Overseeing Timely and Efficient IT-related Audits

    The IT Compliance Director will oversee the planning, execution, and reporting of IT-related audits with the goal of completing all audits timely, efficiently, and with no exceptions. This includes:


    • Coordinating with various audit teams


    • Defining audit scope and objectives


    • Actively participating in process and control walkthroughs and meetings


    • Ensuring that audit activities are conducted according to established protocols and timelines.


    • Reviewing all required data and evidence, such as process and control narratives and information provided by the client (PBC), to ensure they are audit-ready and comply with the auditors' "information used in the control" (IUC) requirements

    The IT Compliance Director will ensure that audit findings and recommendations are promptly remediated, and corrective actions are implemented timely to resolve any identified deficiencies or weaknesses. Regular communication with audit stakeholders, including senior management and audit leaders at both Apex and its parent company, will be maintained to provide updates on audit progress, findings, and remediation efforts. Additionally, the Director will facilitate postmortem reviews and lessons learned sessions to identify opportunities for process improvements and enhance audit efficiency and effectiveness.

    JOB REQUIREMENTS


    • Bachelor's degree from an accredited college or university


    • 10+ years of relevant experience working in IT Compliance for a publicly traded company


    • Relevant certifications preferred (CISA, CISM, CISSP)


    • Experience with performing review and testing for the Sarbanes-Oxley (SOX) IT General Controls (ITGCs) and coordinating all IT-related SOX activities


    • Demonstrated experience leading and managing a team


    • Experience working with Public Accounting Firms (Big 4 audit firms, preferred)


    • Proven experience working in a large-scale environment with remote offices


    • Possess excellent written, verbal, and presentation skills

    OUR AWESOME BENEFITS:


    • Competitive Pay


    • Health, Dental and Vision Insurance


    • Long and Short-Term Disability


    • Life Insurance


    • Vacation and Holiday Pay


    • 401k Retirement Plan


    • Training and Advancement opportunities


    • Tuition Reimbursement


    • Birthdays Off


    • Philanthropic Opportunities


    • Referral Program


    • Partial Gym Membership Paid


    • Team Building Events

    Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact