Senior Manager, Security Controls

We are seeking an experienced and proactive Senior Manager, Security Controls, to lead our IT General Controls function.

Job Summary:

The Senior Manager, Security Controls will be responsible for identifying technology-related risks, evaluating IT General Controls, and providing strategic recommendations to strengthen our IT framework. This role involves supporting both external and internal technology audits by assessing the effectiveness, security, and compliance of our IT systems, policies, and procedures. This is a critical role for ensuring our organization meets regulatory requirements and maintains high standards in data security and operational effectiveness.

Key Responsibilities:

• Support, and oversee comprehensive technology audits, including assessments of IT General controls across the environment.
• Collaborate with external auditors to coordinate and support annual technology audits, ensuring audit requirements and timelines are met.
• Coordinate periodic SOX testing to demonstrate effectiveness of IT General Controls for all in-scope systems.
• Identify, assess, and prioritize technology-related risks across the organization, with a focus on cybersecurity, data protection, and operational resilience.
• Review and evaluate the design and effectiveness of IT General Controls, recommending improvements as necessary.
• Ensure IT processes, systems, and controls align with regulatory requirements (e.g., SOX, GDPR, PCI-DSS) and industry standards (e.g., ISO 27001, NIST).
• Support compliance teams in responding to internal and external audits and inquiries regarding IT systems and data management practices.
• Partner with IT, security, and compliance teams to provide insights on risk mitigation strategies, control enhancements and findings remediation.
• Communicate audit findings and recommendations to senior management and key stakeholders, helping to shape a culture of continuous improvement and risk awareness.
• Oversee the preparation of audit reports, including executive summaries, findings, and actionable recommendations for improvement.
• Monitor industry trends, regulatory changes, and emerging risks to refine and enhance audit methodologies and best practices.
• Implement automated audit tools and data analytics to improve audit efficiency, coverage, and accuracy.

Minimum Requirements:

• 10+ years of experience in technology or IT audit focusing on SOX and IT General Controls.

Critical Skills:

• Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP are strongly preferred.
• Strong knowledge of IT risk assessment, IT General Controls, cybersecurity, and compliance frameworks.

Additional Skills:

• Excellent communication and interpersonal skills, with the ability to collaborate effectively across functions and levels.
• Proficiency in GRC tools is a plus.

Education:

• Bachelor’s degree in information technology, Computer Science, Accounting, or a related field. Master’s degree is preferred.

The budgeted salary range for this position in the states of Connecticut and New York is $140,000.00 - 175,000.00

High Overview of Role:

This role requires a proactive leader with deep technical knowledge and exceptional analytical skills who can collaborate with stakeholders across the organization. The successful candidate will work with IT, compliance, and security teams to develop audit frameworks, assess risks, and drive actionable recommendations for continuous improvement. Responsibilities will include partnering on internal and external audits, preparing reports for senior management, and providing strategic guidance to ensure FactSet’s technology practices align with regulatory standards. This critical role will be instrumental in upholding FactSet’s commitment to operational excellence and risk

The Information Security team at FactSet drives cybersecurity governance, risk, and compliance across the Technology organization. The team is responsible for ensuring that technology systems, infrastructure, and projects are effectively managed and optimized to meet regulatory requirements. This includes promoting cross-functional collaboration, managing the lifecycle of technology initiatives, and ensuring compliance and risk management within technology operations.

Why Join Us?

This is an exciting opportunity to lead IT General Controls within a dynamic and growing organization. The Senior Manager, IT General Controls, will play a key role in fortifying our IT infrastructure and ensuring compliance with critical regulatory standards. If you are passionate about technology, security, and compliance, we invite you to apply and become an integral part of our team.

At FactSet, we celebrate diversity of thought, experience, and perspective. We are committed to disrupting bias and a transparent hiring process.  All qualified applicants will be considered for employment regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or veteran status. FactSet participates in E-Verify

FactSet is an Equal Opportunity Employer – M/F/Veteran/Disability/Sexual Orientation/Gender Identity