IT GRC Manager

EDUCATIONAL QUALIFICATION

1. Bachelor’s Degree or equivalent in IT or security related field from an accredited university.
2. Holding at least one security certification is preferable

KEY SKILLS AND EXPERIENCE

1. Experience in related industry with insight and understanding of IT policies, standards and procedures
2. Thorough Knowledge and understanding of IT Risk, Compliance and Cybersecurity Frameworks
3. Ability to develop standards and guidelines based on best practices and industry standards
4. Ability to implement IT policies, standards and procedures leading to substantive improvements in compliance with large scale companies
5. Strong analytical & problem-solving skills
6. Excellent interpersonal, communication, and presentation skills, including formal report writing experience
7. Ability to manage multiple tasks, deadlines and resolution of issues

KEY RESPONSIBILITIES

1. Lead the organization-wide compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations.
2. Implement and manage a strong IT Governance program & handle both internal and external IT process
3. Maintain a deep understanding and advanced knowledge of commonly used governance, risk and compliance frameworks
4. Prepare schedule for periodic reporting. Develop and operationalize metrics and reporting activities to continually report on compliance for operational and executive leadership.
5. Work with the ERM team and ensure risk readiness for the entire IT landscape
6. Serve as an advisor to process owners, providing expertise and influencing decisions regarding governance and compliance
7. Responsible for creating, reviewing, and updating IT Audit policies & procedures and standards documents
8. Coordinate and track all information technology related audits including scope of audits, parties involved, timelines and outcomes.
9. Work with customers, external auditors, and outside consultants as appropriate on required IT assessments and audits.
10. Maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the organization in its best light.
11. Define and document business process responsibilities and ownership of the controls in GRC tool. Schedule regular assessments and testing of effectiveness and efficiency of controls
12. Implement a risk assessment framework and program that align to regulatory requirements, ensuring documented and sustainable compliance