IT Compliance Lead

Role: IT Compliance LeadRemote Role - EST time zone preferredIRM technology organization is in search of a highly skilled and motivated IT Compliance Lead to guarantee our technology teams operate at “Optimized” CMMI Maturity level and have best solutions in place in meeting compliance audit requirements of ISO , SOX, SOC2, PCI, HIPAA etc.The ideal candidate will be professional, highly-analytical, technical, risk management and possess excellent written and verbal communication skills. To prosper in this role, you should have a strong audit background and be fluent in IT best practices, process, and have a good knowledge of various technology implementations and their significance. Additionally you should be comfortable being collaborative and sharing your knowledge, in a relatable and understandable way, with IT team members responsible for supporting each of these audit types.Core Experience / Responsibilities• 6-8 years’ proven experience as a IT compliance lead role in• Evaluating how an organization/IT follows their own processes and policies and in adherence to various laws and regulations globally to identify possible weaknesses or risks.• Initiating and or revising IT process and policies to meet the standards / controls of an industry recognized audit (such as ISO , SOX, SOC2, PCI, HIPAA) and highest CMMI level• Establishing a governance and adherence framework to IT processes and policies compliance• Creating and managing effective action plans in response to audit discoveries and compliance violations• Collaborating with technology/architect and internal audit team in implementing IT compliance governance/controls where applicable• Implementing, utilizing, and maintaining audit monitoring platforms such as AuditBoard• Implementing, utilizing and maintaining contemporary frameworks on process, policies and governance• Accountable to continuous compliance and continuous improvement• Leading audits of information technology systems and information security processes. i.e. program manage projects associated with audit discoveries and compliance violations (evaluated, investigated and resolved). Provide technology management on the operation and progress of compliance efforts.• Leading IT compliance areas such as ITIL (implementation reviews, project assurance etc), privileged user access deficiencies, data sharing, malware protection, monitoring, disaster recovery compliance etc• Supporting execution of the global Sarbanes Oxley testing program, including walkthroughs, testing controls, and working with our external auditors. SOX testing scope covers areas such as: automated controls, access rights, one time only controls, and IT general controls (ITGCs) among others.• Assisting in the annual SOX financial statement mapping, risk assessment, and scoping process.• Providing roll up reporting applicable to management through executives• Comfortable and confident interacting with external auditors and leadership at varying levels.Lead Experience• As a lead, demonstrate leadership ability in all aspects of the process and governance life-cycle.• Enthusiastic about working with cross-functional teams and feel ownership over the success of IT compliance mindset.• Working expertise in a collaborative environment and promoting a teamwork mentality• Managerial experience applying analytical thinking and problem-solving skills• Situationally Aware - Must be the first to notice IT process and compliance differences and issues as they arise and elevate them to management• Innovative - identify areas of opportunity to tighten processes, make tool enhancements to support a positive outcome when our teams are providing evidence of control against quarterly and annual examinations• Collaborative - understand that not all team members have a detailed understanding of audits / examinations / and control definitions. Use this understanding as an opportunity to help hone SOP’s and a shared understanding of what is needed to be successful.• Conflict resolution - Must be able to facilitate IT compliance discussion and facilitate alternatives or different approaches.• Strong sense of personal accountability regarding decision-making and collaborating with technology teams• Relevant professional certification (CIA, CISA, CPA, CA, ACCA) is good to have. Bachelor's degree in relevant field required• 5+ years of relevant experience in System Implementation reviews, SOX / IT internal controls, internal audit, corporate accounting, public accounting (Big 4 preferred ), etc.• Working knowledge of Sarbanes-Oxley Act of 2002, Section 404, including a strong understanding of IT general controls.• This role requires that the individual work independently and to independently lead and execute audits (whether IT, Integrated, or SOX).Reasonably expected salary range: $101,700.00 - $135,600.00Category: Risk ManagementIron Mountain is a global leader in storage and information management services trusted by more than 225,000 organizations in 60 countries. We safeguard billions of our customers’ assets, including critical business information, highly sensitive data, and invaluable cultural and historic artifacts. Take a look at our history here .Iron Mountain helps lower cost and risk, comply with regulations, recover from disaster, and enable digital and sustainable solutions, whether in information management, digital transformation, secure storage and destruction, data center operations, cloud services, or art storage and logistics. Please see our Values and Code of Ethics for a look at our principles and aspirations in elevating the power of our work together.Requisition: J0078641