Principal Consultant – IT Compliance Admin

Responsibilities

Drive implementation and maintenance of a GRC Framework for the Global IT function.
Conduct IT technical and process compliance assessments based on established GRC framework.
Identify gaps/opportunities/key risks and work with control/process owners to develop corrective actions to address needs.
Design and execute IT site audits to assess adequacy, operational effectiveness, and adherence to the companys policies, procedures and standards.
Conduct the annual IT policy review with business owners and technical subject matter experts.
Update and maintain IT policies in accordance with the GRC framework and the changing regulatory needs.
Educate stakeholders on governance and compliance concepts across the organization to drive consistency in the understanding and execution of IT policies and the GRC framework.
Responsible for training, mentoring, directing, and validating the work of less experienced/knowledgeable analysts.
Work with auditors and technical subject matter experts to coordinate internal and external audit requirements.
Track confirmed audit findings/issues and work with business partners and stakeholders to develop action plans to address them or implement mitigating controls.
Inspire compliance and work closely with corporate counterparts on compliance processes.
Conduct research as assigned and provide recommendations for improving the compliance position of various functional areas.
Demonstrate excellent project management skills, inspire teamwork and responsibility, engage cross-functional team members, and use current technology and tools to enhance the effectiveness of deliverables and services.

Qualifications include but not limited to:
Experience in IT Compliance, IT Security or IT Audit/Risk or combination thereof
Experience in international experience
Experience of project management
Ability to learn quickly, work independently, and maintain professional skepticism, critical thinking, strong analytical, and creative problem-solving attributes
Ability to work in a fast paced or rapidly changing environment
Strong project management/organizational and planning skills; ability to manage multiple projects simultaneously and prioritize tasks to meet project deadlines
Familiarity with and working knowledge of ISO 27001, NIST, COSO etc. Frameworks
Excellent interpersonal, oral, written and presentation skills with the ability to comfortably communicate to various levels of management and demonstrate a high degree of professionalism and integrity in all interactions
Detail oriented and attention to accuracy is key
Demonstrate strong compliance and legal issue research capabilities, and the ability to apply research results to real-world business-related issues
Awareness of cyber security and third-party risk management practices is a must.
Demonstrated proficiency in MS Office (Excel, Word, PowerPoint, and Visio) is a must
Awareness of FDA, HIPAA, PCI, Quality Systems Management, GDPR and other Data Privacy regulations.
Strong leadership skills with the ability to maintain composure in high stress situations
Strong writing/documentation skills required
Strong verbal communication required
Ability to create IT Process documents with minimal supervision
Self-motivated team-player with positive attitude.
Preferred: CIA/CISA/CISSP/CIPT/GRCP certification or working toward certification (one of these)
Languages: Must be highly fluent in English, additional languages would be highly preferred.
Coverage: Primary Eastern Standard time zone coverage but may be asked to pick up European or Asian market, as needed.

Minimum Qualifications

Preferred Qualifications