• IT Compliance Risk Manager

    Job Locations US-TX-Irving
    Posted Date 2 months ago(11/28/2018 9:27 AM)
    Information Systems
  • Overview


    Manages the facilitation of IT General Controls for Digital and Enterprise IT. Responsible for responding to and coordinating all inquiries from the Internal and External Audit teams related to the Technology services, initiatives, projects, platforms and products.





    IT controls –

    • Facilitate annual (or more frequent) reviews of IT controls, narratives and associated process flows
    • Perform maintenance of controls in the Controls Repository tool. 
    • Maintain IT users/assignments within the Controls Repository tool.
    • Identify recommendations for improvements to IT controls, related processes and self-assessments
    • Perform Reviews for IT Projects to identify new controls, modifications to controls or where existing controls apply


    Quarterly self-assessments by management –

    • Coordinate quarterly assessments with the IT business process owners.
    • Provide summary and consultation to Directors/VPs in signing quarterly letters.


    IT Control Owners Walkthroughs –

    • Assist control owners with maintaining documentation for walkthroughs of controls.
    • Work with Internal Audit on the scheduling and conducting control walkthroughs as part of audits.


    Coordination of controls/compliance execution –

    • Instigate performance of controls at defined times during the year. 
    • Monitoring that controls are executed and appropriately documented by the IT control owner at prescribed intervals.
    • Track areas requiring remediation and work with control owners on remediation plans.
    • Create and maintain compliance related IT corporate policies.
    • Create and maintain documentation, including process flowcharts, for IT control / compliance related processes.
    • Lead IT Risk Assessment Reviews.


    Liaison with Financial Compliance, Internal Audit and External Audit for IT –

    • IT representative for annual review and feedback for the development of the list of financially significant systems, associated business process owners and vendors that are involved in development and hosting activities for these systems.
    • Interface with internal and external audit for IT compliance related matters.
    • Work with Financial Compliance and Internal Audit on enhancements to IT Compliance, SOX audit and other areas related to compliance and controls to provide continuous improvement and value to the business. 

    PCI –

    • Manage PCI-DSS annual Assessment engagement with external vendor by acting as the single POC between the QSA and all internal stakeholders and control owners and timely delivery of required documentation to ensure annual Compliance.
    • Facilitate the annual penetration test of selected Store’s network systems promptly addressing critical findings and managing remediation of identified issues.
    • Work with control owners to address any potential issues or findings identified by the QSA during the assessment for immediate remediation or formalizing an Action Plan.
    • Work with all credit card processors to ensure their acceptance of QSA reports and/or Attestation and thus ensuring SEI full compliance with processor’s specific requirements.
    • Maintain a document depository of all artifacts and correspondence related to PCI-DSS compliance per year.
    • Provide reports to IT management and other stakeholders on the PCI Program Status on a regular basis.







    Bachelor’s Degree: B.S./B.A. in Information Systems or Accounting related fields is preferred.



    • 10yrs, Program and Project Management, PMP desirable.


    • Prominent interpersonal skills, solid project management foundation, and exceptional facilitation skills. Excellent written communication skills.
    • Thorough working knowledge of Microsoft tool suite to include: Word, PowerPoint, Excel, Visio and SharePoint.
    • CISA/CISM/CGIT certification (or other IT audit and compliance certification) ISACA.
    • IT Audit and Compliance experience (big 4 or mid 12 accounting/audit firm preferred).
    • Experience with and/or certification working with COBIT, SOX and COSO frameworks.
    • PCI Audit or audit facilitation experience.
    • Relocation assistance not provided.

    Internal Posting Dates: 11/28 - 12/8



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed