Associate Manager

Job Description

The Opportunity:

Reporting to the Director, IT Security Governance, Risk, and Compliance (GRC), based in El Segundo, CA, the IT Operational Compliance Program Associate Manager role is to manage the day-to-day operational oversight of the IT compliance program with a focus on developing and improving IT compliance programs, conducting risk assessments, and IT compliance reviews, identifying issues/areas of improvement, working with various IT teams to formulate and execute remediation plans, and reporting results to management. This position requires knowledge of, and testing practices related to; IT general controls, Application role configurations, SOD frameworks, network operating environments, network components, SAAS environments, information technology infrastructures, operating systems, servers, information security management, relational database management systems, program changes, web applications, BCP/DR, and systems development life cycles. The IT Operational Compliance Program Manager must understand and apply IT frameworks (i.e. COBIT 5), and standards (i.e. NIST, PC, SOX), and have the ability to assess security, financial, operational, and regulatory risks as they relate to the use of information technology. The IT Operational Compliance Program Manager is responsible for managing and prioritizing assignments based on the fast paced and changing environment while also ensuring high quality work product and adherence to deadlines. Strong communication, interpersonal skills, analytical abilities, and attention to detail are required.

What Your Impact Will Be:

Assist with the development and implementation of a Global SOD cross-platform methodology.

Assist with the development of IT compliance best practice program and advise internal management and business partners on the implementation of such program.

Manage companywide cross-platform and individual system User Access Reviews.

Manage companywide cross-platform SOD and individual system SOD Access Reviews.

Using a risk-based approach, ensure appropriate IT best practice controls exist, operate effectively and that information systems follow industry and corporate standards.

Collaborate with cross-functional teams to conduct various IT Compliance reviews (e.g., PCI, NIST, IT Policy Compliance, IT Best Practice) to identify compliance issues and areas of improvement in various IT processes and systems.

Work with various IT teams to facilitate timely remediation of issues and implementation of recommended improvements.

Develop and maintain documentation related to IT processes and controls.

Assist in the development and implementation of IT compliance policies and procedures.

Assist in the preparation and related response to external/internal audits and/or assessments.

Stay updated on industry regulations and standards related to IT security and compliance.

Conduct regular GAP analysis on new and updated IT controls and best practices in the industry.

Create executive level status decks and presentations on IT Compliance Program.