Senior Manager, IT-Governance, Risk & Compliance
Senior Manager, IT-Governance, Risk & Compliance
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
WHAT YOULL BE DOING
Key Responsibilities:
- Lead the quarterly ISMS management review and reporting on the organizations technology risks.
- Collaborate with enterprise risk management function and lead IT risk management review meetings.
- Define a strategic roadmap and plan to deliver on the IT-GRC function objectives.
- Develop and maintain IT policies standards and frameworks aligned with industry best practices (e.g. ISO 27001 NIST COBIT etc.)
- Develop and implement an IT compliance management and monitoring framework overseeing the organizations compliance efforts based on industry standards (e.g. ISO27001 PCI-DSS SOC 2 HITRUST).
- Monitor and report on the organizations legal and regulatory compliance obligations including those related to legislation (e.g. GDPR NDPR Cybercrime Act NDPA).
- Develop and implement an IT risk management framework to identify assess manage and mitigate risks.
- Perform general Risk Control Self-Assessment for the department covering people process technology and suppliers assigning risk severity scores and tracking mitigation plans.
WHAT QUALIFICATIONS YOULL NEED
Must-Have Qualifications/Experience:
- Hands-on Individual contributor with strong communication (written and verbal) skills and the ability to work in a business partnering capacity whilst maintaining essential independence.
- Demonstrated track record of influencing stakeholders from different backgrounds and functions to drive risk-aware business outcomes.
- Demonstrated experience preparing and presenting risk reports to an executive and/or business leaders.
- An ability to lead strategically with a commercial focus.
Preferred Background:
- 10 years experience in a Governance Risk and Compliance role with at least 3 years interacting with business leaders and executive leadership team.
- IT-GRC background with expert level knowledge of industry practices IT processes compliance frameworks and standards (e.g. COBIT NIST PCI-DSS ITIL SOC2 Hitrust ISO 27001 etc.)
- CISA CRISC CGEIT or other relevant industry security-focused certifications preferred.
WHAT WE PROVIDE
Hugo offers a hybrid work environment that balances employee flexibility with a collegial fun office culture. We pride ourselves on offering a dynamic environment where ambitious professionals can make a measurable impact and accelerate their career. Our compensation and benefits are highly competitive.
PRIVACY STATEMENT
Any information you submit to Hugo as part of your application will be processed in accordance with Hugos Privacy Policy.
EQUAL OPPORTUNITY STATEMENT
Diversity equity and inclusion are part of our DNA. Promoting and where possible improving diversity equity and inclusion are a value-based and commercial necessity. We are an equal opportunity employer and welcome applications from all qualified individuals regardless of race sex gender identify sexual orientation neurodiversity disability or any other legally protected status
Employment Type
Full Time
