GTIL Manager - IT Compliance

Atlanta, GA, United States

Grant Thornton

Grant Thornton is one of the world's largest professional services networks of independent accounting and consulting member firms which provide assurance, tax and advisory services to privately held businesses, public interest entities, and...

Grant Thornton International Ltd (GTIL) is the umbrella legal entity for the Grant Thornton global network of member firms. GTIL sets the strategic direction, convenes member firms, connects global communities, and protects the brand and reputation of the network. GTIL and the member firms will continually improve the sustainability of their operations and strive to make a positive impact on clients, people, markets, and the communities in which we operate, in line with the UN’s Sustainable Development Goals (SDGs).

About the role

Overall role purpose

The overall purpose of this role is to support Grant Thornton International Limited (GTIL) in its efforts to reduce risk and to remain compliant with the standards and regulations that apply to our legal entity. This includes working with the various business and technical teams within GTIL to define, collect, evaluate, and submit evidence for compliance assessments and audits; helping to create a safe, reliable, and efficient technology environment while mitigating potential security threats; and assisting in ensuring that new technology implementations meet the standards and requirements specified by the Cybersecurity Team.

The IT Compliance Manager will work closely with GTIL Cybersecurity operations, the GTIL IT operational teams, and our IT Procurement team.

Main responsibilities
  • Review standards/regulations such as GCCR, ISQM1, SOC2 and other standards relevant to operations and define necessary internal procedures for implementation.
  • Collaborate with stakeholders to implement policies/procedures meeting control needs.
  • Assist in evidence collection for compliance assessments/audits.
  • Implement and maintain security strategies for systems/applications, ensuring compliance with industry standards.
  • Plan and assist in the execution and remediation of software/infrastructure vulnerabilities identified by the Cybersecurity team.
  • Conduct regular internal security inspections to ensure system compliance.
  • Coordinate with GTIL Cybersecurity to implement automated security monitoring for threat detection.
  • Document compliance processes and incident response plans.
  • At the direction of the GTIL Cybersecurity team, respond to security incidents and contribute to disaster recovery planning. 

Person specification

  • Quick learner and self-starter with the ability and confidence to execute their responsibilities with limited oversight.
  • A problem solver creative in finding solutions to issues or approaches to meet a need.
  • A team player willing to take on additional responsibilities as needed and able to adapt to changing priorities.
Experience
  • Experience with regulated professional service firms and their compliance requirements and processes.
  • Deep understanding of various security frameworks, tools, and programming languages. 
  • Strong organizational skills to track and manage evidence for multiple compliance efforts and hundreds of controls from several different teams.
  • An understanding of NIST standards and SOC2 compliance.
  • Experience in working with a global, virtual team.
  • Strong understanding of Infrastructure, Operations, and Application Development.
  • One or more industry recognized Cybersecurity certifications.
Experience – desirable 
  • Understanding of ISQM1.

At Grant Thornton, we believe in making business more personal and building trust into every result – for our clients and you. Here, we go beyond your expectations of a career in professional services by offering a career path with more: more opportunity, more flexibility, and more support. It’s what makes us different, and we think being different makes us better.


Tags: Audits Compliance Incident response Monitoring NIST SOC 2 Threat detection Vulnerabilities

Perks/benefits: Career development

Region: North America
Country: United States
