Manager IT Compliance

The Manager IT Compliance will oversee and manage our company SOX, PCI, and related IT compliance obligations. The ideal candidate will have a mixture of security, risk and IT compliance skills with a history of managing and delivering complex compliance projects on time and within budget. This role will supervise multiple teams of compliance specialists and act a central point of contact for the organization for all compliance matters.

• Provide leadership, guidance and direction to the Security & IT Compliance team and related stakeholders
• Act as a central contact person for the organization for all matters related to Security & IT Compliance
• Define and maintain the Security & IT Compliance framework for the various IT Compliance disciplines including people, process and technologies needed to maintain compliance
• Design, specify, implement, and monitor internal controls which help to ensure that AUSA is compliant with relevant laws and regulations, internal policies and standards, and other requirements
• Evaluate IT controls and drive the remediation of control weaknesses, communicate to respective compliance stakeholders
• Supervise the performance of risk assessments, self-audits and establish performance metrics against control-related policies and procedures
• Provide recommendations for meeting compliance requirements and manage any exceptions to closure
• Develop and deliver multi-faceted training/awareness programs to teach staff the importance of compliance, and the ways in which compliance is maintained with laws and regulations, internal policies and standards and other requirements
• Maintain an up-to-date and thorough understanding of all requirements which AUSA must comply, including laws and regulations, contractual commitments, internal policies and procedures
• Provide oversight to compliance activities when interacting with third parties/vendors. Review contractual agreements, ensuring IT compliance adherence is stipulated
• Prepare/perform/approve performance evaluations and development plans; Interview/approve personnel for hire
• Manage vendor relationships, ensures the vendors are responsive to company needs
• Negotiate with legal on all contracts, statements of work and maintenance agreements to ensure compliance
• Participate in budget planning and analysis

• A bachelor's degree in Information Technology, Computer Science, or related fields, with 8+ years of experience in cybersecurity, IT compliance, or auditing, particularly in PCI and Sarbanes-Oxley (SOX) regulations
• Direct leadership experience (ideally in a matrix environment), as well as managing external resources
• Strong communication, project management, and team collaboration skills are essential for working across departments and with auditors
• Knowledge of IT general controls (ITGC), access management, change management, and system development. Familiarity with security and compliance frameworks (e.g., SOC 1, SOC 2, ISO 27001) is essential
• Experience in assessing and managing IT-related risks that impact financial reporting and auditing
• Ability to design, implement, and monitor compliance programs, ensuring that IT systems and controls meet SOX and PCI regulatory requirements
• An in-depth understanding of process governance, risk and compliance discipline. Knowledge of the latest trends in the management of Security & IT Compliance
• Ability to organize, plan, execute and supervise multiple major projects with minimal supervision
• Previous senior leadership exposure / comfortable engaging with senior level stakeholders
• Strong relationship development skills
• Strong organization, problem solving, and presentation skills
• Excellent communication and interpersonal skills
• A current PCI ISA or QSA certification and recent experience is highly desirable
• Security certifications such as CISSP, CISM, CISA, and CRISC are a plus