Manager, IT Risk and Compliance

NPAworldwide Recruitment Network

Last Updated: 10/04/22

Job Description

An IT Risk & Compliance Manager ensures that the organization conducts its cybersecurity processes in compliance with laws and regulations,
professional standards, international standards, and accepted business practices. These professionals perform audits at regular intervals and
design and execute control systems, advising management on possible risks and on organization policies.

The major task of a Manager of IT Risk & Compliance is to protect the company against cybersecurity events, meet our customers' cybersecurity
audit expectations, and communicate global security risks to allow the company to plan and adapt to an ever-changing cybersecurity landscape.
These professionals carry out the risk management process by thoroughly planning business and cybersecurity-related tasks, and by implementing
and enforcing the policies within the organization.

An IT Risk & Compliance Manager requires detailed expertise, attention to minute details, and a global awareness and understanding of the data
cybersecurity landscape.

Responsibilities for the Manager IT Risk & Compliance:

- Obtain, maintain and update ISO27001 data cybersecurity certifications globally.
- Continually refine the IT Risk Framework and its associated controls and reporting.
- Document and maintain alignment of framework IT policies and procedures with risk, quality, and compliance, while continually
communicating with the business leaders.
- Design remediation and attestation approaches to drive IT improvement actions and results as related to cybersecurity.
- Design and implement information systems controls in alignment with the organization's risk appetite and tolerance levels to support
business objectives.
- Initiate and implement cybersecurity analytics reporting systems/metrics, through the use of a global Key Risk Indicator
(KRI) program and lead quarterly updates.
- Track and actively manage the resolution of risk and control issues, including but not limited to audit findings, third-party discovery
tools, and quarterly penetration testing, through the use of corrective action plans.
- Maintain the cybersecurity risk register.
- Actively participate in cybersecurity audits from parties including, but not limited to, our customers and insurance carriers.
- Provide oversight by independently reviewing, challenging, and assessing Operational & Compliance risk events, process issues,
systems issues and people issues, as related to cybersecurity.
- Responsible for developing and managing a global cybersecurity budget.
- Lead the IT Risk & Compliance staff.
- Provide technical subject matter expertise to service delivery for risk, compliance, and information security controls.
- Build, maintain, and utilize networks of client relationships and industry involvement in the cybersecurity community, to communicate
the company's value proposition.
- Build employee development plans to foster career growth.
- Create personal or management incentive plans for each team member that tie to corporate or local project objectives.
- Develop succession planning within the IT Risk & Compliance team.
- Domestic and international travel is required.


- Technical knowledge of cybersecurity and compliance processes.
- Knowledge of operational technology compliance, ideally within the manufacturing services industry (not required).
- Must demonstrate the major steps in IT risk and compliance management (identification, analysis, planning, monitoring,
reporting, and controlling risks).
- 3+ years of relevant cybersecurity experience.
- BS in Computer Science or other technical degree.
- Team management experience preferred.
- Cybersecurity certifications a plus.

Candidates should be U.S. citizens. Relocation assistance is available for a qualified candidate.

Why is This a Great Opportunity:

This is a new function within the company and so is an opportunity for the Manager IT Risk and Compliance to build a team from scratch.

UPDATE from client: experience in manufacturing is ideal, but not required. Risk and compliance experience within IT is the most important.

Company Details

Grand Rapids, Michigan, United States
NPAworldwide connects you to premier independent recruiting firms located throughout Europe, Asia, Australia, Africa and the Americas. Get connected with members around the world to widen your employer pool, get specialized placements, and find perfect matches -- all at no cost. Our members are placement professionals seeking long-term fits. Working with our recruiters gets you access to relocatio...