IT Compliance Manager

Pay:  $105,000 - $150,000

The pay listed is the salary range for this position. Any specific offer will vary based on the successful applicant’s education, experience, skills, abilities, geographic location, and alignment with market data.

You may be eligible to participate in a Company incentive or bonus program.

Benefit Information:

ABM offers a comprehensive benefits package.  For information about ABM’s benefits, visit:

https://www.abm.com/wp-content/uploads/2023/11/2024-Recruitment-Staff-Mgmt-11.6.23.pdf

Essential Functions:

• Supervise activities of the IT risk management program, including but not limited to assigning and prioritizing the work of the risk analysts.
• Monitor open items for risk remediation through closure.
• Frequently interact with business units to understand their plans, risk posture and tolerance, and how to support their vision and business obligations with security and risk in mind.
• Enhance risk management practices by reviewing and maturing policies, standards, and procedures.
• Ensure comprehensive assessments of core technology systems are conducted on a regular basis to identify potential risks and vulnerabilities.
• Collaborate with key stakeholders across the organization, including technical and business teams, to provide guidance on key initiatives to help manage risk.
• Develop and report on measurable metrics to analyze data (trends, new risks, etc.)
• Provide oversight of third parties / vendors to safeguard the organization against undue risk.

Required Qualifications:

Education: 

• Bachelor’s degree in Information Technology, Computer Science preferred.

Experience: 

• 3-5 years in Risk Management, IT Compliance, or Information Security, preferably in a regulated industry.
• Strong understanding of regulatory requirements (e.g., SOX, GDPR, HIPAA, PCI), industry standards (e.g., ISO 27001/2, ITIL, or NIST), and best practices in IT governance and compliance.
• Familiarity with IT security principles, technologies, and methodologies.
• Proven experience in conducting risk assessments and developing risk mitigation strategies.
• Administration and/or familiarity with network and host configurations, application security, cloud services, third-party risk management and role-based access.
• Understanding of vulnerability and configuration management, and familiarity with a variety of technologies and applications.
• Attention to detail and ability to work independently with little supervision.
• Effective communication and interpersonal skills with the ability to collaborate with stakeholders at all levels of the organization.
• Excellent analytical, problem-solving, and decision-making skills.
• Ability to present ideas in business-friendly and user-friendly language.
• Strong level of experience using the MS suite of products.
• Excellent organizational and time management skills, with the ability to multi-task and prioritize work.

Preferred Qualifications:

Experience: 

• Prior team leadership experience preferred. Ability to adapt in a fast-paced and dynamic environment with a proactive mindset.

Certifications: Professional certification such as: CRISC, CISSP, CISA, CGEIT, GCCC, GSEC and GISP.