Manager, IT Compliance & Audit

US-OR-Portland
3 weeks ago
Number of positions: 1
Status: Full-Time
Req #: 16772

Overview

This position will lead the Compliance team within GRC. The position will report directly to the Director of Information Security. This is a hands-on role that will be responsible for enhancing and developing our IT compliance program, including compliance control objective authoring, testing, and reporting, as well as achieving appropriate compliance certifications.

Responsibilities

Responsible for managing the work environment, identifying workforce needs and ensuring alignment with corporate manager expectations, values and vision as they relate to IT Compliance.

  • Provides managerial guidance to user department staff on the development of local, system-specific, and application-specific information security policies, guidelines, standards, procedures, and responsibility designations
  • Responsible for managing the work environment, identifying workforce needs and ensuring alignment with corporate manager expectations, values and vision as they relate to IT Compliance, Audit, and Risk.
  • Coordinate activities supporting enterprise-wide IT technology audits and assessments. This includes periodic control testing efforts, as well as working with internal and external auditors.
  • Act as a primary Subject Matter Expert for IT Compliance.
  • Act as liaison between representatives from internal audit, external audit firms, Finance and IT to coordinate scoping, testing approaches, results and deficiencies.
  • Work with process and control owners to create a Risk & Control Matrix for processes identified through risk assessment.
  • Identify various compliance, information security and business continuity risks to the organization and make recommendations for corrective actions/mitigation of risks.
  • Think strategically about IT control environment enhancements and be able to plan and implement change.
  • Prepare periodic reports, track program progress and report findings to GRC and IT management.

Qualifications

  • Bachelor’s degree from a four-year college preferred and/or a professional certification requiring formal education beyond a two-year college, or equivalent experience.
  • Sarbanes-Oxley / IT audit experience, as well as IT Security compliance standards such as ISO 27001/2 and SOC1/SOC2.
  • Strong understanding of IT General Controls, as well as network, OS, application and database controls.
  • Strong organizational and planning skills.
  • Strong interpersonal & influencing skills and an ability to work in a team environment.
  • Good communication skills (written & verbal) with all levels of the organization, as well as external stakeholders.
  • Ability to work with minimal supervision and deliver to tight deadlines.
  • Knowledge of Governance, Risk and Compliance Frameworks (COSO, COBIT, ISO27001, NIST, etc.).
  • Experience with GRC solutions, including building out controls and performing test work within the tool.
  • Experience participating in large business/system integration efforts
  • 5-6 or more years’ experience in an IT Audit or Compliance role or related experience.
  • 2 or more years’ experience with GRC software solutions, especially Archer and Aveksa
  • Participation in full life cycle implementations (from scoping/planning, requirements gathering, design, development, testing, go-live and support)
  • Big 4 IT Audit or Assurance Experience
  • Experience working in Lean IT/Agile/DevOps environment

Standard Insurance Company, The Standard Life Insurance Company of New York, Standard Retirement Services, Inc., StanCorp Equities, Inc., StanCorp Investment Advisers, Inc. and StanCorp Mortgage Investors, LLC, marketed as The Standard, are Affirmative Action/Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, national origin, gender, sexual orientation, age or any other condition protected by federal, state or local law. The Standard offers a drug and alcohol free work environment where possession, manufacture, transfer, offer, use of or being impaired by an illegal substance while on Standard property, or in other cases which the company believes might affect operations, safety or reputation of the company is prohibited. The Standard requires a criminal background investigation, drug test, employment, education and licensing verification as a condition of employment. All employees of The Standard must be bondable.

 

For more information regarding your Equal Employment Opportunity applicant rights, click  here.

 

Individuals with disabilities who need assistance or accommodation with the application process should contact HR Direct at 971-321-7871.  This number is only for the use of individuals with disabilities who need accommodation with the application process.  General inquiries about application status will not be addressed.
