Manager of Information Technology Governance, Risk, and Compliance

Compensation Grade:

15

BASIC PURPOSE:
 

Collaborates with the Enterprise Risk Management department, Internal Audit, and other regulatory entities in the design, review, documentation assessment and testing of the internal controls within Information Technology departments in support of regulatory compliance. Conducts monitoring and testing to verify Information Technology departments’ compliance with internal controls established in the Information Security Policy, Information Technology procedures, and general information technology control documentation.

ESSENTIAL FUNCTIONS:

• Leads IT compliance efforts, including control testing, documentation, SOX assessments, and maintaining regulatory records.
• Develops and maintains governance frameworks, risk assessments, and compliance routines in collaboration with IT stakeholders.
• Coordinates internal/external audits and regulatory exams, supporting data collection, meetings, and SOX testing.
• Implements control monitoring programs and evaluates the effectiveness of IT controls to meet regulatory requirements.
• Manages GRC systems, tracking audit and risk issues, and linking data across IT, business continuity, and information security.
• Conducts vendor assessments and presents evaluations on controls, financial viability, and compliance to management.
• Oversees IT policy lifecycle, ensuring centralized storage, timely reviews, and updates to standards and procedures.
• Facilitates incident reviews and compliance meetings, producing reports, dashboards, and ensuring adherence to IT policies.

KNOWLEDGE, SKILLS, ABILITIES: 

• Knowledge of the Sarbanes-Oxley Act of 2002 and Control Objectives for Information Technology (COBIT), National Institute of Standards and Technology (NIST), International Organization for Standardization (IOS), and Information Technology Infrastructure Library (IDL) standards and their application to information technology organizations internal control design, testing, and assessment.
• Experience supporting and maintaining governance, risk, and compliance technologies.
• Must possess excellent writing skills and demonstrate mastery of grammar, punctuation, and spelling.
• Must be detailed-oriented.
• Must be able to work independently, demonstrate initiative, possess strong organization skills, and have a proven ability to work with all levels of management.

MINIMUM REQUIREMENTS

• A bachelor’s degree or three or more years of experience in information technology system auditing or controls compliance in a regulated environment, or the equivalent combination of education and experience is necessary. 
• CISA and/or CRISC certifications are a plus.

Work Location: This individual must reside within commuting distance from our Atlanta, GA office. This position may not be filled in New Jersey, either in-person or remotely.

Work Schedule: Onsite with an opportunity to work remote partially.

Visa Sponsorship: Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

We are an equal opportunity employer.