IT Compliance Manager

Flex is the diversified manufacturing partner of choice that helps market-leading brands design, build and deliver innovative products that improve the world.

We believe in the power of diversity and inclusion and cultivate a workplace culture of belonging that views uniqueness as a competitive edge and builds a community that enables our people to push the limits of innovation to make great products that create value and improve people's lives.

A career at Flex offers the opportunity to make a difference and invest in your growth in a respectful, inclusive, and collaborative environment. If you are excited about a role but don't meet every bullet point, we encourage you to apply and join us to create the extraordinary.

Job Description

To support our extraordinary teams who build great products and contribute to our growth, we’re looking to add a/an IT Manager Compliance located in Chennai

What a typical day looks like:

• 14+ years of total experience of which minimum of 3 years in an IT Compliance, Information Security, Internal Audit or similar role supporting IT SOX, Medical Compliance efforts among other company compliance initiatives.
• Experience in implementing enterprise information security programs based on industry frameworks such as HIPAA/HITECH, ISO 27001/27002, COSO, NIST, SOX etc.
• Strong experience in driving / leading IT control reviews, security, vulnerability, penetration tests, or assessments and evaluations.
• Strong working knowledge of IT processes, risks, and controls in the computer operations, system development, change control, and security functions.
• Ability to clearly interpret and communicate the IT threats, risks and impacts to all levels of the organization.
• Strong project management abilities as well as excellent oral and written communication skills, both verbal and written. Excellent business report writing skills.
• Knowledge of a broad range of security technologies including NextGen Firewalls, DLP, NAC, IDS/IPS, Certificate Management, Identity Access Management, Privileged Identity Management, Multi-Factor Authentication, Mobile Device Management, Endpoint protection, SIEM, Anti-malware, Vulnerability Management, etc.
• CISA, CISM, CISSP or other relevant security-certification(s)is desirable.
• Responsible for development, implementation and management of certification and compliance of the IT organization s compliance with IT General Controls (ITGCs), SOC reporting controls, IT Medical Compliance and other laws & regulations governing the Company
• Plans, designs and executes compliance testing, controls assessment and documentation supporting information security Frameworks (e.g. NIST Cyber Security Framework, ISO, ITGCs, PCI-DSS, Data Privacy, HIPAA) and other compliance requirements, as applicable

• Partners with the IT Infrastructure and Application teams to evaluate the design and effectiveness of the IT control environment and to develop and track the status of remediation efforts

• Facilitates and coordinates with internal and external IT auditors

• Provides accurate, timely communications to Global IT Security Leadership and impacted management to discuss identified deficiencies, leading practices and recommendations for implementation of modifications to improve compliance and mitigate risk

• Reviews testing and analyses performed, monitors evidence gathering for IT control reviews, evaluates results, and confirms conclusions about the adequacy of IT controls. Reviews the work performed and conclusions according to departmental standards

• Supports IT leadership in responding to internal and external queries regarding the IT control environment

The experience we’re looking to add to our team:

• In minimum 14 year experience requirement Minimum of 3 years of should be  on the following areas;
  • Experience in implementing enterprise information security programs based on industry frameworks such as HIPAA/HITECH, ISO 27001/27002, COSO, NIST, SOX etc.
  • Experience with regulations, policy, standards, procedures or other requirements which requires IT compliance (e.g. PCI-DSS, Data Privacy, HIPAA).
  • Experience performing IT control assessments over one or more of the following technical areas: Mainframe, UNIX, Windows, SQL Server, Oracle DB, Cloud Technology, or a major ERP application is preferred.
  • Experience working with SharePoint and GRC tools is a plus.

What you’ll receive for the great work you provide:

• Health Insurance
• Paid Time off

RK103

                                                      

Job Category

IT

Flex pays for all costs associated with the application, interview or offer process, a candidate will not be asked for any payment related to these costs.

Flex does not accept unsolicited resumes from headhunters, recruitment agencies or fee based recruitment services. Flex is an Equal Opportunity Employer and employment selection decisions are based on merit, qualifications, and abilities. Flex does not discriminate in employment opportunities or practices based on: age, race, religion, color, sex, national origin, marital status, sexual orientation, gender identity, veteran status, disability, pregnancy status or any other status protected by law. Flex provides reasonable accommodation so that qualified applicants with a disability may participate in the selection process. Please advise us of any accommodations you request to express interest in a position by e-mailing: accessibility@flex.com. Please state your request for assistance in your message. Only reasonable accommodation requests related to applying for a specific position within Flex will be reviewed at the e-mail address. Flex will contact you if it is determined that your background is a match to the required skills required for this position. Thank you for considering a career with Flex.