The IT Compliance Manager is a blended senior specialist role responsible for facilitating and ensuring IT internal controls and SOX compliance, support for cybersecurity and data privacy policies, risk management and the IT aspects of ERM in accordance with established and defined frameworks, standards and leading practices. The role supports IT Security, General IT Controls and Audit Compliance. The position reports to the CIO and must partner effectively with IT and other strategic businesses and functions across the organization, especially Internal and External Audit.
- Identify various compliance and business continuity risks to the organization and make recommendations for corrective actions/mitigation of risks.
- Lead and develop the IT side of the ERM process.
- Key liaison with Internal & External Audit partners.
- Facilitate internal and external audit processes by participating in scoping discussions and walk-throughs, delivering evidence that controls are operating as defined, remediating deficiencies and acting on recommendations.
- Periodically review, update, implement and communicate changes to IT policies and procedures and General IT Controls.
- Build strong relations and knowledge of departments/functions - IT, finance, internal and external audit, and data privacy.
- Develop an IT Governance Framework for compliance with laws, regulations, and policies for the global IT environment. This framework should include tracking, reporting, and remediation for all control deficiencies and corrective action plans.
- Communicate governance and compliance objectives to ensure an appropriate compliance and risk aware culture. Identify issues to ensure compliance with IT general controls, SOX, ISO, Cybersecurity, Data Privacy, and other global regulations/laws as necessary.
- Be responsible for all IT department policies and procedures including authoring and review. Partner with IM leaders, IM policy owners and business stakeholders to evolve legacy policies and put into place new policies. Own the policy roadmap.
- Maintain knowledge, training, and awareness and communicate “best practices” to management and associates.
- Evaluate general and specific training needs and develop / deliver training to support the control environment and associated control framework.
- Bachelor's degree in relevant field (IT, audit, cybersecurity, compliance-related, etc.). Master's degree is an asset.
- Certifications such as CISSP, CISM, CRISC, CISA, PMP.
- 4-8 years’ experience in a corporate environment in compliance roles such as cybersecurity, audit, IT, Data Privacy, Enterprise Risk Management.
- Previous experience being accountable for client risk management, audit, cybersecurity and enterprise risk and compliance in a manufacturing company.
- Ability to understand the interrelation between financial, operational and technology internal controls and have experience developing solutions to business risks in an internal control context.
- Knowledge of COSO, COBIT, Sarbanes Oxley and ITIL frameworks.
- Good project management skills.
- Clear communicator with strong influencing skills to facilitate positive behavior changes.
- Technically savvy including strong MS Office skills.
- Organized, detail oriented and able to work on multiple priorities simultaneously.
- High energy self-starter who can work well with teams and independently.
- This role may require periodic travel both domestically and internationally.
At Quaker Chemical, we are experts in the development, production, and application of process fluids, lubricants, and coatings for the steel, metalworking, and many other manufacturing industries. With approximately 2,000 associates in more than 20 countries, we enable our customers to be more efficient - and ultimately more profitable. It's our obsession. And we achieve this through our intimate knowledge of the industries we serve and each one of the moving parts that comes with it. Quaker is a global publicly traded company with a unique collaborative culture that supports career growth for its associates and offers competitive compensation and benefit programs.