Senior IT Risk & Compliance Specialist, GRC Policies

IDEXXs IT Risk & Compliance Group is dedicated to safeguarding the organization against various IT risks and ensuring compliance with industry standards and regulations. Key responsibilities of this team include conducting cyber risk training and assessments managing third-party risk overseeing SOX compliance and ensuring privacy compliance across global operations. The team also spearheads the development of governance policies and provides comprehensive risk management consultancy services. Led by an experienced manager the group consists of 6 seasoned professionals with extensive expertise in risk management compliance and security. Despite its size the team adeptly manages the diverse and complex aspects of IT risk and compliance within IDEXX.

As a Senior IT Risk & Compliance Specialist you will be a functional IT Security Lead influencing the business managers and leading positive changes ensuring that the organizations operations are conducted in a manner consistent with ethical business practices organization policies and legal requirements.

Location: being located near our HQ in Maine or NH is preferred but we are also open to anyone on the East Coast EST time zone.

In This Role

• Your main responsibilities will be to help create a governance program to include:
• Policy creation based on industry standards frameworks & best practice.
• Communication of the policies to key stakeholders in the organization.
• Implementation of the policies to various departments and lines of business by consulting with those teams to help ensure understanding.
• Monitoring of the policies for compliance and managing any variances.
• Establish a process to ensure policies are up to date and accurate.
• You will conduct application gap assessments to establish security requirements and perform risk assessments.
• You will be part of this team who provides risk management consulting services to various teams within the organization aiding in prioritizing issues for resolution.
• You will oversee the General Computer Control (GCC) universe identifying risks and implementing controls to mitigate these risks.
• You will monitor management against internal standards within the program acting as the first line of defense before internal audits.
• As others on the team wear 3-4 hats you will also juggle multiple roles within the team including risk identification quantification and consulting
• You will facilitate risk assessment at the operational level acting as a bridge between tactical and enterprise risks within the organization.

What You Will Need to Succeed

• 7 to 10 years of experience within IT Audit with experience with GRC (Governance Risk & Compliance) Controls Risk Assessment Project Management or Internal Audit.
• Must have expertise with Policy writing implementing policies monitoring policies and maintaining policies.
• You have one of these certifications: CISA CISM CISSP CRISC CRMA or certification eligible
• You know how to develop and implement controls and processes through frameworks like NIST COSO COBIT etc.
• You can perform and develop IT Risk Assessments.
• You managed project tasks in Agile and Waterfall methodologies.
• You think strategically and focus on achieving goals together with your team.
• You communicate successfully in person and in writing and develop strong relationships with all levels in the organization.
• You can handle difficult issues in a professional assertive and proactive manner.

What you can expect from us:

• Base annual salary target: $120000 - $140000 (yes we do have flexibility if needed)
• Opportunity for annual cash bonus
• Health / Dental / Vision Benefits Day-One
• 5% matching 401k
• Additional benefits including but not limited to financial support pet insurance mental health resources volunteer paid days off employee stock program foundation donation matching and much more!

Why IDEXX

Were proud of the work we do because our work matters. An innovation leader in every industry we serve we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy to ensure safe drinking water for billions and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10000 talented people.

So what does that mean for you We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX you will be supported by competitive compensation incentives and benefits while enjoying purposeful work that drives improvement.

Lets pursue what matters together.

IDEXX values a diverse workforce and workplace and strongly encourages women people of color LGBTQ individuals people with disabilities members of ethnic minorities foreign-born residents and veterans to apply.

IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race color creed sex sexual orientation gender identity or expression age religion national origin citizenship status disability ancestry marital status veteran status medical condition or any protected category prohibited by local state or federal laws.