Email me newest jobs similar to this one
18 days ago
Med Trans
Location: Texas, United States
Job type: Permanent
Sector: IT & Communications
Category: Senior Manager
Position Summary

The IT Security and Compliance Manager will assess and/or oversee all IT-related compliance issues across AMGH including information security, privacy, identity management, user access and data integrity. This includes providing objective risk assessments of the company's compliance with regulatory, commercial and organizational requirements governing the organization's information technology systems. The IT Security and Compliance Manager will also direct development/implementation of policies, procedures and controls to ensure that the organization's practices remain observant to all pertinent local, state and/or federal laws and industry standards. In this role, will work directly with non-IT compliance professionals such as legal, which includes corporate compliance, as well as the business units to ensure organizational alignment.

Duties and Responsibilities

* General Compliance

* Determine and maintain an inventory of all regulatory, commercial and organizational technology compliance requirements

* Facilitate the creation and/or modification of technology compliance policies

* Create an IT compliance risk assessment framework and periodically assess the regulatory, commercial and organizational, inherent and residual IT compliance risks

* Identify the associated IT compliance control gaps and oversee the documentation, implementation and testing of the entire IT compliance control portfolio

* Implement and maintain an IT compliance issue management tracking and resolution process that will address known issues, according to severity and potential impact to the organization

* Report the levels of IT compliance risk and control effectiveness to key stakeholders

* Coordinate audit-related tasks such as ensuring the readiness of IT managers and their organizations for audit testing and facilitating the timely resolution of any audit findings

* Assist business and IT managers with the acquisition of tools and expertise to assist with IT compliance-related projects and initiatives

* Regulatory Compliance

* Work with corporate legal and compliance representatives to identify all related IT compliance requirements (i.e., security, user access, privacy, data integrity, etc.) associated with the laws and regulations within all relevant jurisdictions

* Ensure all related IT compliance policies are updated, based on any relevant regulatory changes or new laws

* Conduct necessary IT compliance control monitoring and testing activities to determine the effectiveness of the controls

* Remediate IT compliance control deficiencies

* Organizational Compliance

* Work with IT and business representatives to identify the goals and objectives of the organization and translate them into IT compliance requirements such as IT security and user access policies and controls

* Evaluate any related external frameworks or standards (e.g., ITIL, COBIT, NIST, etc.) or internal standards (e.g., code of conduct and acceptable use) to determine the relevant IT compliance requirements and controls

* Identify any gaps between the desired level of compliance and the current level of maturity

* Implement the required IT compliance policies and controls to meet the desired level of compliance maturity reflected in a given standard or framework

* Oversee the monitoring and periodic testing of IT compliance controls to ensure ongoing adherence, with a given standard or framework

* Identify and resolve any issue of noncompliance, with a related standard or framework

Qualifications

1. Education:

* Undergraduate degree in the field of law, computer science or business administration; graduate degree in one these fields preferred

* Industry-related legal, compliance, information security management certification is preferred

1. Business Knowledge and Technical Experience

* 5+ years' experience working in the IT field

* 3-years' experience managing compliance assessments within a corporate setting

* Proven experience developing and submitting IT audit and compliance reports to internal groups, legal entities and/or external authorities

* Experience in planning, organizing and developing information technology policies, procedures and practices

* Strong written and oral communication skills, particularly with government/legal agencies and external/internal auditors

* Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues

* Excellent knowledge of technology environments, including information security, encryption methods and privacy-based solutions

* Understanding of computer systems and integration capabilities

* Solid understanding of project management principles

* Ability to translate understanding of the organization's goals and objectives into compliance requirements

1. Skills and Personal Attributes

* Ability to establish credibility and positive working relationships with a wide range of corporate personnel, including field operations, management, executive and legal staff as well as external personnel, including auditors and regulators

* Proven leadership ability

* Ability to set and manage priorities judiciously

* Ability to present ideas in business-friendly and user-friendly language

* Exceptionally self-motivated, directed and detail-oriented

* Superior analytical, evaluative and problem-solving abilities

* Ability to motivate in a team-oriented, collaborative environment

Working Conditions and Physical Environment

* Must be able to work in a high-paced team environment

* Work is normally performed in a typical interior/office work environment

* No or very limited exposure to physical risk

* May be required to sit for long periods of time

* No or very limited physical effort required

Email me newest jobs similar to this one

  Back to the top