Information Security Senior Audit Manager
Remote (United States), United States
Southern New Hampshire University
Flexible and affordable, SNHU offers over 200 career-focused programs to more than 200,000 learners online and on our 300-acre NH campus.
Southern New Hampshire University is a team of innovators. World changers. Individuals who believe in progress with purpose. Since 1932, our people-centered strategy has defined us — and helped us grow a team that now serves over 180,000 learners worldwide.
Our mission to transform lives is made possible by talented people who bring diverse industry experience, backgrounds and skills to the university. And today, we're ready to expand our reach. All we need is you.
Make an impact — from near or far
At SNHU, you'll have the option to work remotely in the following states: Alabama, Arizona, Arkansas, Delaware, Florida, Georgia, Hawaii, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Mississippi, Missouri, Nebraska, New Hampshire, New Mexico, North Carolina, North Dakota, Ohio, Oklahoma, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, West Virginia, Wisconsin and Wyoming.
We ask that our remote employees have access to a reliable internet connection and a dedicated, properly equipped workspace that is free of distractions. Employees must reside in, and work from, one of the above approved states.
The opportunity
The Information Security Senior Audit Manager reports directly to the AVP of Governance, Risk, Compliance & Privacy. You will perform compliance assessments, review security policies, standards, and procedures, and conduct in-depth examinations of our technical infrastructure, systems, and networks in preparation for internal and external audits. You will manage internal and external audits, including oversight of the provision of evidence and of preliminary and final reporting. The Information Security Senior Audit Manager evaluates our compliance with relevant laws, regulations, and organization policies to ensure adherence and mitigate legal and regulatory risks. They provide detailed audit reports, communicate findings to management, and work with partners to implement corrective actions and enhance our overall security posture. This role can be 100% remote, working in our approved states (see job posting).
What You'll Do:
- You will evaluate the compliance status of systems across the assigned business area(s) requiring specific security controls and manage the gaps
- You will manage internal and external compliance audits, and provide oversight to the collection of evidence
- You will foster relationships with partners as a trusted partner and subject matter expert in compliance
- You will support partners in understanding relevant standards/regulations
- You will provide oversight to partners on the development of System Security Plans
- You will lend expertise to the development of Plans of Action and Milestones (POAM)
- You will coordinate data gathering exercises and completion of external information security program inquiries and questionnaires, and related GRCP programs
- You will support the development and ongoing maintenance of auditable process, procedure and policy documentation
- You will collaborate with ISMO and ITS to assist with security assessments and reviews
- You will prepare reports and present recommendations
- You will maintain a current understanding of applicable information security regulatory requirements from financial aid and FTI industry sources
- You will help develop security awareness training together with other members of the Information Security GRC organization
- You will organize and manage compliance programs
- Other responsibilities or activities may be assigned
What We're Looking for:
- 7+ years' relevant experience with financial systems.
- Experience implementing GLBA Safeguards Rule (Gramm-Leach-Bliley Act), IRS Publication 1075, or similar financial system compliance program like Sarbanes-Oxley (SOX)
- Information Security experience in Higher Education industry
- Experience with FERPA, HEA, Privacy Act of 1974
- Familiar with NIST security and risk management best practices
- Information Security disciplines, tools and techniques including audit and compliance
- Identify security controls and understand how they address compliance needs
- Maintain and create security documentation
Additional Experience In:
- Bachelor's degree in a related field
- Project management experience
- Experience with audits against tax code
- Professional Certification(s): ITIL v3 or v4 Foundation, Professional Security Management Certification (CISA, CISSP or CISM)
We believe real innovation comes from inclusion - where different experiences, perspectives and talents are celebrated. So if you're wondering whether SNHU is right for you, take the leap and apply. You might be just the person we're looking for.
Compensation
The annual pay range for this position is $110,590.00 - $176,978.00. Actual offer will be based on skills, qualifications, experience and internal equity, in addition to relevant business considerations. We expect this position to be hired in the following target hiring range $122,202.00 - $165,333.00.
Exceptional benefits (because you’re exceptional)
You’re the whole package. Your benefits should be, too. As a full-time employee at SNHU, you’ll get:
High-quality, low-deductible medical insurance
Low to no-cost dental and vision plans
5 weeks of paid time off (plus almost a dozen paid holidays)
Employer-funded retirement
Free tuition program
Parental leave
Mental health and wellbeing resources
Tags: Audits CISA CISM CISSP Compliance GLBA Governance ITIL NIST Privacy Risk management Security assessment SOX Strategy System Security Plan
Perks/benefits: Career development Equity / stock options Flex vacation Health care Medical leave Parental leave