IT Compliance Job Description
IT compliance
provides expertise as it relates to IT Audits and enhancing our client’s controls environment based on FISCAM and NIST Special Publications and Standards.
IT Compliance Duties & Responsibilities
To write an effective IT compliance job description, begin by listing detailed duties, responsibilities and expectations. We have included IT compliance job description templates that you can modify and use.
Sample responsibilities for this position include:
Understand corporate standards and processes regarding infrastructure maintenance and deployment, and assist local IT service provider executing the processes
Develop a program to monitor adherence to regulatory requirements the company’s Information Security Policies and Standards
Act as primary interface to all internal customers to Information Security
Assist in development and tracking of accurate and relevant information security process and operational metrics
Evaluate and monitor the production of, transmission and use of electronic Protected Health Information (ePHI) and other sensitive information
Understand relevant business processes and their implications on information security
Assist with response to assessments of information security program controls
Maintain information security risk identification, tracking and mitigation processes
Assist in defining monitoring measures to detect and ensure correction of security breaches and policy violations
Monitor the effectiveness of the company wide information security program
IT Compliance Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for IT Compliance
List any licenses or certifications required by the position: CISA, CISSP, CISM, PCI, CIA, ISO, URAC, CPA, CRISC, CGEIT
Education for IT Compliance
Typically a job would require a certain level of education.
Employers hiring for the IT compliance job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Information Systems, Business, Accounting, Finance, Information Technology, Education, Business/Administration, Engineering, Management
Skills for IT Compliance
Desired skills for IT compliance include:
COBIT
PCI
IT internal controls and familiar with IT standards
NIST
IT processes
HIPAA
SOX
Standards
COSO
Database
Desired experience for IT compliance includes:
MS SSIS
Possesses strong interpersonal and team building skills
Performing risk assessment analyses for the current technology processes newly identified processes
Performing Pre and/or Post System implementation reviews in support of Financial System implementations
Managing the documentation of new or existing IT General and Application controls update existing documentation to reflect changes in the process or controls
Assisting with the development of effective remediation plans for control deficiencies
IT Compliance Examples
1
IT Compliance Job Description
Job Description Example
Our company is looking to fill the role of IT compliance. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for IT compliance
- Manage internal and external audit activities, including client, financial and operational audits, and compliance with SOX and other IT controls
- Stay current on generally accepted auditing standards and IT security best practices, and advise on applicability in our environment
- Demonstrate initiative by proactively reviewing/assessing audit and desk procedures and recommend improvements
- Assess the design and operating effectiveness of information technology general controls automated application controls to support Sarbanes-Oxley 404 compliance
- Supervisory responsibilities included in the role
- Proactively review IT implementation plans (both new installs and upgrades to existing systems) to insure the team and the agency are compliant with all internal and external controls
- Foster a strong working relationship with internal and external audit and compliance teams
- Stay current on new and revised company policies and procedures, and work with department leadership and SMEs to proactively improve processes
- Review client contracts to ensure we have the ability to adhere to client requirements around data and information security
- Own the change management process within the IT team, including training, ongoing compliance, and improvement of the overall process
Qualifications for IT compliance
- Testing the controls documented and communicating results in work papers and written reports to all levels of management
- Assisting with executing testing for quarterly 302 requirements, and monitoring company-wide internal control deficiencies
- Working with the company's external auditors to provide understanding of areas documented and results of testing
- Cross Functional Team Management Experience preferred
- CISA, CISSP, are desired but not required
- Soft skills are essential as an IT Compliance Manager may be required to assist in clarifying technical concepts to personnel with only a basic understanding of the topic or to present a technical environment or concept to non-technical staff
2
IT Compliance Job Description
Job Description Example
Our company is growing rapidly and is hiring for an IT compliance. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for IT compliance
- Ensures executive leadership is proactively apprised on audit and SOX testing concerns
- Conduct analysis to determine whether current contracts are on file
- Conduct assessment, analysis of and monitoring across GTI in relation to the Supplier Management Office Scorecard, identify gaps and derive action plans to remediate
- Monitor issues identified for resolution and work with the suppliers, GTI, and Supplier
- Review reports to identify trends and determine the need for further actions/controls
- Develop Scorecard management and monitoring processes
- Document processes GTI and suppliers will follow
- Implement processes and provide ongoing support to GTI and suppliers
- Document monitoring processes’ communicate and execute
- Complete ongoing reviews of processes and identify areas to enhance
Qualifications for IT compliance
- Strong documentation skills that meet auditor and analysts needs and drives understanding of best practices and minimum requirements develop work papers and justifications in support of their opinions
- A strong understanding of audit methodology and sampling techniques
- Ability to document and present information using insight, logic, and data
- Ability to solve problems by identifying the root cause of control gaps
- Strong partnering skills to proactively contribute while maintaining objectivity
- Demonstrated proficiency of technology auditing control disciplines including thorough knowledge in two or more and general knowledge in relevant areas of technical specialization (security, application development, change management, or operations)
3
IT Compliance Job Description
Job Description Example
Our innovative and growing company is hiring for an IT compliance. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for IT compliance
- Provides regular updates to the IT SOX Compliance manager and VP Financial Policies and Controls regarding the status of the SOX testing plans, the issues identified, and the decisions regarding the solutions to address the identified problems
- Play significant role in the implementation of major projects and initiatives related to auditing automation software and applications to manage governance tasks and SOX financial reporting functions, including the implementation of the SAP GRC platform
- Provide Supplier Management Risk advice and counsel to the GTI Executives and Management, eg
- One of the key activities will be to partner with the Supplier Management & Governance Office in structuring the control testing program which addresses requirements from OSFI as they related to the B-10 guidelines for effective oversight of third party service provider relationships
- Prepare and analyze GTI’s supplier management risk profile, recommend and oversee risk mitigation processes and communicate regular reviews to GTI Risk Representatives and Sr
- Provide risk advisory role relative regulatory programs and supplier management risk activities / reports, ensuring GTI areas are appropriately prepared
- Creates and leads Supplier Risk Management related strategies which ensure leading edge processes, and supplier management risk programs as outlined by OSFI’s B-10 Guidelines
- Lead the implementation of Supplier Management Risk Management Framework in GTI areas
- Relationship management with GTI areas, T&O Supplier Management Office, Procurement, Supplier Management & Governance, Audit and related CoG’s
- Provides leadership and support to proactive governance practices with executive reporting (eg
Qualifications for IT compliance
- Experience with technology audits within large multinational companies, including documentation of system flows and controls, and performance of pre & post implementation reviews to ensure proper system development methodology adherence, adequate control design
- Bachelor¿s Degree in Management Information Systems, Information Systems, Finance, Accounting, or related discipline, or equivalent work experience
- 5 to 7 years IT audit, internal control consulting, or risk management experience for the financial services industry utilizing various automated tools and techniques
- 5+ years’ experience in Big 4 Public Accounting or IT Internal Audit
- Knowledge of Accounting and Financial Reporting and how they are impacted by IT systems
- Experience evaluating ITGCC of Media and Entertainment systems
4
IT Compliance Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of IT compliance. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for IT compliance
- Leads full strategic alignment of the group’s services to Supplier Management & Governance and various 2nd line of defense CoGs
- Provides leadership and support to the development and ongoing maintenance of proactive and effective controls in GTI to mitigate risks to an acceptable level and ensure requirements are met from regulators and governance bodies
- Provides leadership and support to the development of proactive governance models and control frameworks, for GTI to have appropriate control points and MIS reporting to address current and potential future audit and exemptions issues
- Ensures tracking of all GTI assessments conducted by internal and external governance bodies
- Confirm auditors’ requirements and requests
- Create, disseminate, and maintain matrix of identified IT risks
- Outcomes through IT strategic initiatives
- Business direction, outcomes and future state vision
- Building functional scope of new business outcomes by setting strategic direction
- Provides highly innovative solutions including building of new capabilities or enhancement to the existing solutions
Qualifications for IT compliance
- Strong people skills, with the ability to negotiate agreements across multiple constituencies
- Must be a team player who understands we succeed as a team and fail as a team
- Minimum of 10 years of hands-on experience in information technology, demonstrating a steady growth of skills and responsibility required
- Work with senior business stakeholders to define and deliver prioritized roadmaps, strategies and solutions to meet our evolving business needs
- Ensure our existing production infrastructure, application support and environments are maintained to deliver exceptional service levels to our users and clients
- Secure IT resource requirements and budgets to deliver against the defined roadmaps
5
IT Compliance Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of IT compliance. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for IT compliance
- Contributes to the development of innovative principles and ideas and proliferates it throughout the organization
- Provides end-to-end technology solution to solve our client's complex business problems
- Provides business system integration solutions effectively transform existing processes and information system
- Be actively engaged in industry forums and venues related to various Compliance topics
- Responsible for working with information security, IT audit, IT compliance or IT controls, assessing technical controls for databases, operating systems, networks and Enterprise Resource Planning (ERP) applications
- Ability to review and define operational and security controls for audit preparedness
- Perform periodic internal audit testing of operational controls and identify reportable issues and communicate dimension of risk and continual alignment of defined operational controls
- Ability to complete change management assessments in alignment to specified Audit frameworks and operational ITSM tools
- Ability to create new or review/update existing Policies and Procedures to align with Operational Best Practices
- Familiarity and ability to clearly explain standardized approaches to Security and Audit frameworks utilized for validation of Cloud Environments
Qualifications for IT compliance
- At least 3-5 years’ SOX experience
- Oversee all programs/projects under their portfolio and be responsible for ensuring successful, on-time and on-budget delivery of those programs/projects
- Work closely with senior management across the organization to plan and communicate the status of the IT book of work
- A minimum of 2 years of experience in technology risk management experience
- Experience in internal consulting and customer account management
- Minimum of seven years’ experience in Compliance, Audit or Information Systems related field, preferably in the financial services industry