Audit & Compliance Manager

Mid / Senior

Hybrid

Meytier Premier Employer

Meytier Partner

Location: Englewood Cliffs, NJ

Key Responsibilities:
  • Lead interactions with information security audits and assessments, manage relevant regulatory requirements, assist in the development of management responses, and track and monitor remediation progress until closure.
  • Provide support to customer audits and other security and compliance assessments, questions, and interactions with prospective customers.
  • Provide oversight of identifying, classifying, remediating, and mitigating risks and vulnerabilities and the policy exception request process.
  • Support the day-to-day operations by identifying potential areas of cybersecurity compliance risks by performing risk assessments, and ensuring appropriate escalation and coordination of effective corrective actions.
  • Conduct an analysis of internal policies, guidelines, procedures, and processes to evaluate the accuracy and adequacy of internal controls, operations, and reporting in the area of information security programs and processes impacting regulatory compliance requirements as needed.
  • Collaborate with various technical and non-technical teams to evaluate the effectiveness of security controls, identify and categorize risks, provide improvement recommendations, and communicate outcomes of those activities.
  • Gather requested artifacts (related to the evaluation of security controls described above, as well as other evidence of adherence to privacy and security controls).
  • Communicate emerging issues, potential risks, and audit results to key stakeholders, assist in the review, and formulate responses to issues and findings from all sources.
  • Work closely with business, technology, and compliance counterparts to understand business objectives, initiatives, and ensure alignment with security policies and best practices.
  • Contribute to the development of security policies and standards.
  • Participate in risk assessment and strategic planning and continuous improvement of the risk and compliance program.
  • Assist in the development of metrics and reports that provide management visibility into the current cyber risk and compliance posture and trends.
Desired Profile:
  • Bachelor's Degree in Computer Science, Information Technology or other relevant fields
  • 5+ years of Cyber Risk working experience. Prior information security consulting experience preferred.
  • Well versed in technologies and continuous compliance requirements for SOC, ISO, NIST, CIS, CCPA, GDPR, GxP/GMP, and others.
  • Experience in FedRAMP, French HDS, Australian IRAP, and other international regulatory compliance for privacy and cybersecurity is a plus.
  • Must have strong experience with enterprise compliance enforcement, defining and driving related programs and performing risk assessments.
  • Expertise working with risks and internal controls
  • CISA or other certifications preferred (CPA, CISSP, CIA, CISM, etc.)
  • Experience using GRC and/or document management tools, particularly ZenGRC, is a plus
  • Ability to build and develop strong relationships
  • Strong leadership skills with the ability to foster an environment of collaboration and excellence
  • Effective verbal and written communication, and presentation skills including comfort with executive audiences
  • Strong attention to detail with the ability to think from a “big picture” perspective
  • Creativity, confidence, and flexibility
  • Team player with a great sense of humor!

© 2024 Meytier - All Rights Reserved.