SOC enterprise security Manager -W2 only -USC and GC only

• IT Program Manager
• Banking SOX Controls Remediation
• Project Governance
• Banking Risk Remediation

We are seeking a highly experienced Program Manager to lead and manage multiple risk programs across our organization. This role will focus on remediating SOX control issues, managing various risk-related programs such as Privilege Access Management, Identity Access Management (IAM), Control Remediation, and End User Computing, and addressing key findings from both internal and external audits. The individual will work closely with Enterprise Security, BIOs, and senior leadership to ensure the successful execution of risk programs, supporting compliance initiatives and mitigating risks across technology and the enterprise.

This is an opportunity for a strategic, detail-oriented professional with a deep understanding of risk management, SOX compliance, and the ability to handle complex, large-scale programs with multiple workstreams. This role requires the ability to work independently, effectively coordinate efforts across teams, and provide clear communication to senior leadership.

• Remediate SOX Control Issues: Lead efforts to address and resolve SOX control issues, ensuring that all findings are remediated and compliant with industry standards.
• Manage Risk Programs: Oversee key risk programs including Privilege Access Management (PAM), Identity Access Management (IAM), Control Remediation, and End User Computing across the organization.
• Audit Management: Address findings from internal and external audits, ensuring proper risk assessments and controls are in place to mitigate any identified risks.
• Cross-functional Collaboration: Work closely with Enterprise Security, Technology teams, BIOs, and the executive team to drive risk management initiatives and coordinate work across various workstreams.
• Program Execution: Lead the execution of multiple complex programs, ensuring deliverables are met on time, with quality, and in compliance with SOX and other regulatory requirements.
• Stakeholder Engagement: Work with business leaders to identify risk, prioritize mitigation efforts, and ensure all areas of the business are supported in meeting compliance requirements.
• Risk Assessments: Lead risk assessments triggered by FRBs, SOX audits, and other internal and external findings, focusing on security, compliance, and operational controls.
• Tool Implementation: Oversee the implementation of new tools such as SailPoint and CyberArk for Privilege Access Management and ensure their rollout across applications to assess and manage risks.
• Program Oversight: Ensure that program deliverables related to file access management, shadow IT, and other findings within the Wealth space are prioritized, planned, and executed effectively.
• Leadership & Communication: Provide regular updates and strategic recommendations to senior leadership, ensuring all risk programs align with organizational goals and regulatory requirements.

• Minimum of 5 years in a program management role, focusing on risk management, SOX compliance, or IT security.
• Proven experience leading complex risk management programs with multiple stakeholders and workstreams.
• Strong understanding of SOX requirements, internal and external audit processes, and risk management best practices.
• Experience with Privilege Access Management (PAM), IAM solutions, and security controls is highly preferred.
• Skills & Knowledge:
• Strong knowledge of risk management frameworks, including familiarity with industry tools (e.g., SailPoint, CyberArk).
• Ability to manage and execute programs related to control remediation, file access management, and technology governance.
• Proven ability to engage with senior leadership and technical teams to drive change and ensure compliance.
• Solid communication, organizational, and project management skills.
• Ability to manage and coordinate complex programs across multiple workstreams, ensuring alignment with business objectives and risk mitigation goals.

• Bachelor's degree in Business Administration, Information Technology, Risk Management, or a related field (Master s degree preferred).
• Certifications (Preferred):
• CISSP, CISM, CISA, or other relevant risk management/security certifications are a plus.

• The individual will not be managing a team but will work across multiple teams to ensure risk management processes are followed effectively.
• The role is not a shared resource, requiring full-time dedication to managing risk programs across the organization.
• The Program Manager will need to quickly acclimate to ongoing and complex risk programs and drive them to successful completion.