Director IT Governance And Compliance

As the Director, IT Governance and Compliance, you will lead an enterprise IT Compliance Team responsible for all aspects of our compliance programs. This includes responsibility for managing and coordinating IT governance and compliance activities enterprise-wide. The Governance, Risk, and Compliance management of IT operations specifically addresses Internal Control over Financial Reporting (Sarbanes-Oxley “SOX” 404). Adherence to SOX is a significant portion of the responsibilities and requires in-depth policy, process, governance, and operational execution knowledge of risks, controls and the internal/external execution of controls that enhance compliance requirements as well as enterprise IT’s services. The individual will be responsible for risk/scoping analysis, IT policy management, process documentation, artifact collection, audit-readiness assessment and internal and external coordination with IT and audit resources.

What you’ll do

  • Oversee the deployment and maintenance of an IT Compliance and Risk Assessment model for IT
  • Ensure adoption of TBI's IT policies, procedures, and controls
  • Define and implement process improvement initiatives supporting the IT organization
  • Lead IT Leadership to ensure SOX process documentation is current and accurate for all IT areas
  • Maintain the IT scorecard, facilitating the update and review of key IT metrics, as well as improvement planning as it relates to our compliance programs
  • Provide strategic compliance road maps and the overall IT strategy as an outcome
  • Establish and maintain influential and coaching relationships with control and process owners to proactively assess business as well as aligned IT risks and develop risk mitigation
  • Develop measurable IT audit plans and policies, SOPs, and IT Controls
  • Partner and manage 3rd party vendors to ensure controls are in place, effective, and auditable, including evaluating SOC1 reports for compliance with IT General Controls
  • Work with company's internal & external auditors to ensure continued compliance with regulatory (SOX, Privacy, HIPAA, etc.) requirements and internal control standards, serving as central point of data gathering
  • Evaluate general and specific training needs; deliver training to support the control environment & associated control framework; communicate governance & compliance objectives, fostering a compliance & risk aware culture
  • Communicate IT control impacts, issues, and strategic direction to team and to company stakeholders
  • Drive the execution of multiple work streams and projects related to IT controls and compliance reporting
  • Develop and socialize appropriate metrics and dashboards to help communicate and align on current health
  • Establish processes to be “audit ready” at all levels of the organization and ensure an environment/culture of audit/regulatory awareness
  • Strong knowledge of ServiceNow or related IT Service Management (ITSM), Asset Management and GRC solutions
  • An SME level of understanding of the processes for IT governance, risk and compliance discipline
  • Establish and deliver IT Governance & Compliance educational awareness program for IT organization to be conducted quarterly
  • Establish and manage monthly GRC performance scorecard
  • Ability to work with all levels of internal and external clients
  • Willingness to collaborate with subject matter experts and team members to complete compliance delivery requirements and other business deliverables
  • Strong project management skills and the ability to supervise others in the completion of projects within timelines
  • Strong attention to deliverables with accuracy and efficiency

What you bring to the table

  • Master’s or Bachelor’s degree in Information Technology, Business, Finance, or Engineering; Master’s degree preferred
  • 10 years’ work in progressively sophisticated roles with emphasis on IT operation, delivery or development services including both QA, IT Change Management, security audit and process improvement
  • Excellent verbal, communication and presentation skills
  • Strong problem solving & analytical skills
  • Subject matter understanding of COBIT, ISO, ITIL, NIST, COSO and associated processes
  • Strong business acumen, including financial controls (SOX, PCI, HIPAA and other)
  • Experience with PeopleSoft, Lawson, Workday and other major ERP applications
  • 3+ years’ experience with large scale applications/system environment

Preferred Certifications: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP)

As a TrueBlue employee you can

  • Make a difference in other people’s lives
  • Be a part of a dynamic and diverse team
  • Be recognized for your contributions
  • Grow and develop personally and professionally

TrueBlue, Inc. is the nation's leading provider of industrial staffing and outsourced workforce solutions. Publicly traded since 1995, the company provides work opportunities to over half a million people through firms such as: Centerline, CLP Resources, HRX, Labor Ready, PeopleScout, PlaneTechs, Spartan Staffing, Staff Management, and StudentScout.

At TrueBlue

We believe in creating limitless possibilities for employees, workers and customers. We are guided by our values: Be Passionate, Be Accountable, Be Optimistic, Be Respectful and Be True.

TrueBlue provides an excellent benefits package, which includes: 401(k), Employee Stock Purchase Program, Tuition Reimbursement and comprehensive Health and Welfare coverage including Medical/Dental/Vision and prescription drug benefits.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity or any other characteristic protected by law.