Manager, IT Compliance and Controls

Hydro Global Business Services (GBS) is an organizational area that operates as an internal service provider for the Hydro group. Its ultimate purpose is to deliver relevant IT, financial and HR business services to all business areas within the company.
 

About the job and your team

The Manager of GBS IT Compliance and Controls is overall responsible for ensuring that the GBS managed information technology systems, processes, and practices adhere to relevant internal policies, external laws, regulations, and industry standards. Plays a crucial role in maintaining the integrity of IT operations. 

Will work closely with various stakeholders, including IT teams, business areas, and business units, to develop and implement comprehensive compliance strategies that align with the organization's goals and objectives
 

You will work on

•    Develops and maintains the GBS IT Compliance Framework that addresses internal policies, relevant external laws and regulations
•    Responsible for the creation, maintenance and management of the GBS IT Resilience framework
•    Definiton, development and maintenance the SOPs of the IT Resilience Program and Framework
•    Contribute to the development and audit readiness of the I&T Governance Framework and Program 
•    Provides guidance and training to employees on IT compliance requirements, best practices
•    As 1st line of defence IT controls manager ensuries compliance with IT controls through substantive testing and/or design assurance reviews
•    As part of GRC, support the implementation and maintenance of the I&T Governance Framework and Program
•    Constructively challenges control owners to strengthen the existing controls self-attestation process
•    Builds “self assessment”, quality system capability and process for GBS IT operations
•    Contribute to the alignments between information security, cyber security and information technology
•    Oversees the delivery of access provisioning, de-provisioning and modification requests operated by the Identity & Access Management Operations team
•    Supports the delivery of internal audits, external audits, operational risk reviews and compliance assessments of the technology management process
•    Contribute to the development and audit readiness of the I&T Compliance Framework and Program 
•    Design, implement and maintain coherent KPIs and metrics for ITCompliance, controls and resilience
•    Design, implement and maintain a standardized,  holistic monitoring and reporting framework for GBS IT to
•    oversee the maturity level and compliance status of GBS IT
•    measure and evaluate if major horizontal initiatives are integrated into the daily operations of GBS IT in a compliant manner
•    Work with Security Engagement and Awareness team on shaping communication materials at program level and support project and BAU level communications
•    Responsible for IT Compliance’s integration to GBS IT operations
•    Continuously assess, monitor, report and escalate compliance related issues
•    Contribute to the design, implementation of GBS IT’s internal regulatory framework including standards, policies and SOPs
•    Responsible for the creation and maintenance of compliance management related SOPs
•    Contribute to forming clear links between strategic initiatives and programs and program deliverables to BAU
•    Understand GBS IT program portfolio, BAU services and ensures their alignment to strategic business/IT initiatives
•    Contribute to the design and implementation of Hydro’s enterprise level data and information governance model
•    Staying up-to-date with emerging regulations, industry trends, and best practices in IT compliance and risk management
•    Participates in cross-functional projects and initiatives to ensure compliance considerations are integrated into IT strategies and operations
 

What we offer you

•    Working at the world’s only fully integrated aluminum and leading renewable energy company
•    Diverse, global teams
•    Flexible work environment/home office
•    We provide you the freedom to be creative and to learn from experts
•    Possibility to grow with the company, gain new certificates
•    Attractive benefit package
 

Your qualifications and skills

•    5-8 years experience in IT compliance, resilience and related roles
•    3+ years experience in leadrship position, 
•    3+ years experience in compliance, resilience related program management
•    Control frameworks and practices, such as CIS, COBIT, ISO, ITIL, NIST
•    Bachelor Degree
•    Globally recognized certifications such as CISA, CISM, CGEIT, CRISC, CDPSA
•    Fluent in English is mandatory
•    Ability to oversee a complex multi-dimensional ecosystem of frameworks
•    Excellent communication and presentation skills
•    Ability to work independently and within a team
•    Effective communication skills, diplomatic sense
•    Adaptable to change        
•    Stakeholder management capabilities
•    Strong problem-solving and trouble-shooting skills
•    Conflict handling
•    Coordinating, influencing people without direct organizational relationship
•    Established skills in time management, prioritisation of work and multi-tasking
•    Customer service orientation
•    Service mindedness
•    Attention to detail

Hydro values diverse skills and perspectives among employees. We encourage all qualified candidates to apply. Qualified applicants will be considered regardless of race, religion, nationality, ethnicity, age, gender, sexual orientation, gender identity or expression, protected veteran status, or disability. We strive to provide equal opportunities for all to contribute and succeed with us.

If you have any questions, please contact: 

Recruiter
Petra Willerding-Rumpler
Petra.Rumpler@hydro.com