IT Risk & Compliance Supervisor
IT Risk & Compliance Supervisor will work to implement IT general controls in support of the annual SOX audit. As an IT Risk & Compliance Supervisor you will partner with internal and external stakeholders to ensure that critical controls are implemented, documented, and reviewed in compliance with Sarbanes Oxley. Such reviews include, but are not limited to privileged access reviews, provisioning, user access reviews, separation of duties, physical access, change management, and backup monitoring. You may also assist with risk assessments, policy development, and other risk and governance related tasks as assigned. If you are interested, apply today!
· Perform privileged access review of in scope systems. This includes scoping, data pull, certification preparation, removal of access, and impact analysis.
· Maintain knowledge of current security best practices and ability to work with the organization to implement measures to protect digital identities and build IT general controls in compliance with SOX requirements
· Follows all company policies and procedures, compliance regulations, and semi-annual user attestations
· Identify and correct potential permission violations across managed application and data stores
· Generate reports ensuring appropriate access levels are maintained
· Work with internal audit, compliance, and IAM team to make recommendations for process improvements
· Document process flows and makes recommendations for enhancements to provide exceptional customer service while keeping our organization safe and secure
· Perform risk assessments including NIST CSF and other quantitative/qualitative assessment
· Manage risk register to drive continue remediation efforts of risks and associated projects
· Assist with policy assessment and development process
· Bachelor’s degree in Computer Science, IT, Business, or equivalent work or educational experience required.
· 4+ years experience working in an IT Governance, Risk & Compliance role
· Experience with IT Policy Writing
· Experience with Third Party Risk Management
· Experience teaching control owners how to implement controls
· Passionate about information security, learning, and process improvement
· Information Security certification is a plus (Security+, etc.)
Brooksource provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, national origin, age, sex, citizenship, disability, genetic information, gender, sexual orientation, gender identity, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state, and local laws.