IT Security GRC Compliance Program Manager

Alameda, CA

Starting Base Salary Is: $120,000-$145,000

Visa Transfer for those that have 1 year or more on an active H1B Visa

Individual compensation will vary based on factors such as qualifications, skill level, competencies, work location and shift, and will increase over time based on meeting performance and business needs.

The IT Compliance Program Manager will oversee the IT controls, processes, and transactions to ensure they follow all relevant regulatory, legal, and internal compliance guidelines.

What You'll Work On

· Develop the IT General Controls Framework, implement and manage an effective IT controls audit and compliance program for the enterprise across all domains of IT, and manage cybersecurity risk to the business.

· Ability to self-audit with limited assistance from system or service owners across all IT domains i.e., Network, Cloud, IAM, Data, Application, IoT, IT and Security Operations/ Engineering.

· Partner with peer teams and business where necessary. Expected to be self-reliant on security audits, reviews, evidence retrieval. Engage with 3rd party auditors on testing/walk-throughs and address any security gaps.

· Create and manage effective action plans in response to audit discoveries and compliance violations.

· Partner with system owners on IT services audit outcomes, risk management and compliance reporting.

· Advise management on the company’s compliance with laws and regulations through detailed reports.

· Develop, and up-keep company IT security policies and procedures. Regularly audit company procedures, practices, and documents to identify possible weaknesses or risks.

· Ensure stakeholders are educated on the latest regulations and processes. Resolve business concerns about regulatory and legal compliance.

· Maintain positive rapport with IT teams, business, and auditors through effective communications.

· Develop, self-audit, manage, and oversee IT Controls across all domains of IT i.e., Network security, Cloud Security, Infrastructure security, End-point security, IAM, Data security, Endpoint security, Application security, IT/ Security operations, ensuring internal and regulatory compliance, working with peer teams to address any gaps and report on compliance.

· Adhere to the Company’s Quality Management System (QMS) as well as domestic and global quality system regulations, standards, and procedures.

· Understand relevant security, privacy and compliance principles and adhere to the regulations, standards, and procedures that are applicable to the Company.

· Ensure other members of the department follow the QMS, regulations, standards, and procedures.

· Perform other work-related duties as assigned.

What You'll Bring

· Bachelor's degree in computer science or related field with 10+ years of experience, or equivalent combination of education and experience

· 10+ years’ hands-on experience preferred in developing, implementing, and managing enterprise IT audit, governance, and compliance framework.

· Ability to develop ITGC framework, implement and manage audit, governance, and compliance across all IT domains i.e., Network, Cloud, IAM, Endpoint, Data, Applications and Operations

· Self-reliant & motivated, with expert level understanding of IT technology stack across Network, IAM, Endpoint, Data, Applications.

· Fully self-reliant, hands-on capability across IT technology stack across Network, Cloud, IAM, Endpoint, Data & Applications. This role will be responsible for accessing and auditing, IT controls, configuration hardening, IAM configurations etc. across routers, switches, WLC’s etc. Example: Given an application domain, you will be responsible for auditing applications security stack, runtime protection, API security etc.

· Expert level knowledge of audit, governance, and compliance frameworks

· Expert level knowledge of cybersecurity risk management frameworks

· Strong knowledge of technology landscape, regulatory/legal requirements, and procedures

· Highly analytical with strong attention to detail.

· Strong oral, written, and interpersonal communication skills

· Proficiency with MS Word, Excel, and PowerPoint

· Excellent organizational skills with ability to prioritize assignments while handling various projects simultaneously.