Business Information Systems IT Control Manager

Philadelphia, PA
Full-time


As a Business Information System IT Compliance Manager, you’ll work to ensure compliance with regulatory and industry mandates that include SOX, PCI, GDPR and others. You’ll manage the day-to-day aspects including scoping, implementing controls, overseeing all review exercises, creating and maintaining documentation, as well as working with all departments to complete the assessments.

WHAT YOU’LL DO:

  • Enhance and oversee all aspects of the Analytics Business Information Systems IT General Controls (ITGC) to ensure our continued compliance with the Sarbanes-Oxley (SOX) Act.
  • Establish processes to support the controls and ensure that control self-assessments are conducted in a timely manner, ensuring completeness and accuracy.
  • Identify and validate key controls to address IT and business risks and work with various teams to address identified deficiencies and help identify compensating controls.
  • Manage the user access provisioning and de-provisioning approval process, including working with business owners on periodic Segregation of Duty (SOD) reviews based on a developed SOD framework.
  • Develop and manage the Access Recertification Process for Business Information Systems on a quarterly basis, and follow-on activities including conducting look-back analysis if necessary.
  • Coordinate the review of the SaaS applications' SOC 1 Type 2 reports and follow-up actions on Complementary User Entity Controls (CUECs) or other compensating controls.
  • Review and oversee compliance-related procedures, documentation, sign-off, etc. for Business Information Systems' Incident and Change management processes.
  • Direct, manage and monitor the effort to ensure compliance with the PCI Data Security Standard (PCI-DSS).
  • Partner with the Internal Audit team to perform audits of third parties such as vendors, service providers, consulting organizations, etc.
  • Partner with the Internal Audit team to facilitate and support internal and external audits.
  • Educate and mentor technical teams on ITGC and compliance, and facilitate embedding compliant practices into the way the company operates.
  • Partner with CISO, Legal and internal audit teams to facilitate compliance with European Union Privacy Law – EU-GDPR.
  • Ensure that appropriate documentation in the form of policies, standards and procedures is created and managed to support the various security, compliance and audit requirements.
  • Provide guidance and support to IT and business to ensure continued compliance with the various mandates.
  • Endorse and support a compliance culture whereby employees are encouraged to seek clarifications and support for the company’s compliance initiatives.
  • Must be able to build relationships with technology and business teams across the company.
  • Interact routinely with assessors, auditors, service providers, consultants/advisers, law enforcement agencies and professional organizations.

COMPETENCIES:

  • Demonstrated experience in implementing compliance frameworks such as COSO, COBIT, ISO 27001, etc.
  • Intimate understanding of Sarbanes-Oxley (SOX) compliance requirements and IT General Controls.
  • Thorough knowledge of PCI related standards including PCI-DSS, PA-DSS, ASV guidelines and other support documents.
  • Familiarity with a broad range of IT and Information Security products and technologies such as identity and access management, vulnerability management, encryption and key management, logging and monitoring and application security.
  • Familiarity with cloud and SaaS-based environments and technologies with associated auditing methodologies.
  • Expert presentation, documentation and communication skills.

QUALIFICATIONS:

  • Bachelor’s or Master’s degree in a computer or information management field or similar work experience.
  • At least one of CISSP, CISA, CISM, CSA, QSA preferred.
  • Strong attention to detail, influencing and problem resolution skills.
  • 5-7 years’ experience in an information security compliance, audit, risk management or ISA/QSA role with hands-on experience in a multitude of compliance initiatives.
  • An outgoing personality is a MUST for this position.

    Emaculate Solutions
    Technology is at the heart of what we do. We offer professional services that help organizations reach their goals.

    PHONE

    +1 800 995 6573

    EMAIL

    info@emaculatesolutions.com