Career Center



Job Details

Title: Lead IT Controls and Compliance
Location: Rochester, NY
Duration: Perm

Green Card and US Citizens only!

Job description
Position Purpose: 

The Information Technology Controls and Compliance (ITCC) practice is an important function within IT that promotes accountability, improves oversight and ensures monitoring of IT controls, which include Sarbanes-Oxley Act (SOX), service auditor reports (SOC1 and SOC2) and large group audits.

The lead position will support the implementation and ongoing maintenance of IT controls and compliance. The position is responsible for consulting on control design, monitoring control performance, facilitating user access reviews, reporting IT risks and helping to provide remediation governance. Other responsibilities may include support of compliance projects, such as Sailpoint IIQ, Archer GRC, Public Cloud projects, Compliance Analytics and Robotic Process Automation.

Serve as primary liaison between internal and external auditing bodies such as IT management, Compliance and Business Stakeholders.
Conduct assessments of IT risks and controls
Monitor and evaluate controls for effectiveness and efficiency to mitigate areas of risks
Support scheduled audits (HIPAA, SOX, SOC1, and various State Department of Insurance audits) with facilitation of evidence requests, walk-throughs, remediation and management responses.
Coordinate appropriate measurement efforts for process improvement
Lead remediation governance meetings with senior leaders
Support projects as subject expert to ensure controls and compliance requirements are met.

Bachelor's degree in IT, MIS, Accounting, Finance, Business Administration, related field or equivalent experience. 
7+ years of combined IT and operational auditing and control experience, including systems design or implementation experience. 
Experience in control design, development, automation, and assessment in IT systems, processes, and new implementations. 
Experience in coordinating and planning IT audits. 
Experience with specialized tools, including Oracle, MS SQL Server, MS Project and MS Office applications. 
Experience in managing complex, cross-organizational technical programs. 
Knowledge and understanding of various IT disciplines (e.g. software development, operations, infrastructure and information security).
Experience with HIPAA (Health Insurance Portability and Accountability Act), SOX (Sarbanes-Oxley), SSAE 16 (Statement on Standards for Attestation Engagements), ISO 27000, ITIL (Information Technology Infrastructure Library) or NIST (National Institute of Standards and Technology).
Licenses/Certifications: CISA, CISSP, MS SQL Server, CPA, or CIA preferred. Project Management Professional (PMP) preferred.
Preferred Skills:
Prior experience in conducting IT control assessments or audits; Sarbanes-Oxley (SOX) or Service Organization Control (SOC 2) experience preferred
Demonstrated experience with, and understanding of, security principles, IT security controls, and related technologies and products
