IT Compliance Manager - Control & Change

The Audit & Risk Recruitment Company have partnered with a FTSE 100 Engineering and Technology Company to assist in sourcing an IT Compliance Manager.

This is a newly created role for the company, further expanding and strengthening the Global IT Compliance function. This new team is leading the way that the company manage their IT risks and compliance agenda. They are responsible for identifying, tracking, and supporting the management of IT risks and compliance activities across the PLC. The team also manages the interfaces between IT, Internal Audit, divisional controls team as well as external audit.

The successful candidate will be playing a key role in managing various IT controls and compliance related activities and effectively communicate and advise relevant stakeholders for process improvement opportunities. The candidate is also expected to lead and drive sustainable changes and build strong working relationship with stakeholders across the business. This role report directly to the Global IT Compliance Director.

Key responsibilities

• Build and manage IT change management compliance monitoring process
• Support the refinement of the current IT risk and controls framework
• Carry out IT controls assessment for 3rd party service providers
• Support internal and external audit agenda, drive IT controls deficiencies remedial actions as well as open audit points to closure
• Raising awareness and understanding of internal controls, and by providing guidance, briefings, and training to relevant stakeholders

Technical Knowledge, Skills and Abilities

• Strong understanding of IT change management controls and processes
• Strong understanding of IT risk and controls with examples of managing IT risk, compliance or audit activities within an organisation
• Extensive knowledge of IT audit/Control practices over SAP ERP and GRC.
• Must have ability to think critically and come up with risk based remedial, mitigation or alternative control / process solutions for all cases of IT control deficiencies
• Extensive knowledge over various 3rd party control assurance reports and control reliance strategies
• Experience with IT risk management disciplines and understanding of the broader IT risk exposure
• Ability to work manage co-source providers in driving the directions of various projects and deliver results
• Self-starter able to understand complex tasks and requirements and quickly deliver results
• Excellent verbal, written communications skills, including the ability to communicate compliance concepts to both technical and non-technical audiences
• Critical thinking with strong attention to detail and follow up
• At least one professional qualification such as CISA, CISM or CISSP is desired