Description:
The Controls Manager in the Global Product & Technology Risk & Reliability group will focus on supporting the R&D team control owners with controls development, maintenance, and attestation, as well as support the R&D teams by ensuring failure response activities are driven to completion as they relate to new controls, control enforcement, or modifying the scope of the control. The Controls Manager will also support the stand-up and rollout of the integrated risk assurance program to R&D teams to support a broader understanding of the risk program and roles/responsibilities across the R&D organization.
Responsibilities:
* Works with technical Control Owners to guide them through the development, maintenance, attestation and testing activities related to the security controls management process, advising the team from a technical cybersecurity, privacy, and IT controls perspective
* Maps controls to the organization's security framework, and to the appropriate testing team (ISO, SOC, PCI, Global Security, etc.)
* Creates and maintains templates and standard operating procedures that align to applicable policy, standard, and compliance requirements
* Provides recommendations to Control Owners to increase maturity and effectiveness
* Supports the Control Owner(s) when control failures occur to ensure control remediations are documented and executed upon
* Develops reporting and plans to ensure controls are maintained and attested to in accordance with policies and procedures
* Partners with Enterprise Risk, Global Security Organization, Internal Audit, Compliance, and other key stakeholders to ensure R&D controls and control activities are aligned to the organizations risk program and processes
* Develops rollout and educational strategies to strengthen the knowledge of the risk practices to the R&D organizations
* Partners with Control Owner(s) to ensure quality and accuracy of control activities information in ADP's GRC tool
* Serves as liaison between non-GPT risk roles and R&D if needed to support the risk process
* Participates in the Integrated Assurance Risk (IAR) working group to represent GPT and to align GPT's risk program to the IAR goals
* Other assignments may be assigned to support risk management projects and transformation efforts
Requirements:
* Minimum of 5 years of ITGC (cybersecurity focus preferred) experience in the risk/audit domain
* 2 years of experience developing control procedures related to technology domains such as, product development, disaster recovery, data protection, cybersecurity, identity and access management, network management, and cloud
* Working knowledge of applied industry accepted frameworks and standards for cybersecurity, privacy, and IT, such as NIST 800-53, NIST Cybersecurity Framework, ISO 27001, and SOC
* One or more technical industry certifications preferred, such as the CISSP, CISA, CISM, etc.
* Demonstrated ability to work well in both an individual contributor and team capacity within a global team
* Able to interact in a professional manner and develop relationships with individuals and teams at any level
* 1-3 years of experience using an enterprise GRC tool, such as Archer
AGM Tech Solutions, on behalf of the Client - a Global Technology Company, is hiring a
Hybrid/Remote
Position Title:
Position Summary:
Additional Perks:
- Excellent Market Rate/Salary
- Positive Work-Life Balance
- Competitive Benefit Packages Including Medical Insurance, Dental Insurance.
Company Overview:
AGM Tech Solutions is a Women-owned Firm relationship-based IT Consulting firm dedicated to Serving our Clients Nationwide. Our dedicated team strives to exceed the expectations of our clients and employees by building long term relationships based on Integrity, Trust, Hard Work, Commitment and our service experience. We offer a consultative approach to each and every client by taking the time to listen to their needs and help them get where they want to go by becoming an extension of their organization. We provide Information Technology staffing: High caliber talent for temporary support and project Deliverables. Direct IT placement services: Contract-to-Hire Direct Hire professionals for longer-term needs.
#J-18808-Ljbffr