IT GRC Technical Lead

Job Summary
Wright Technical Services is proud to represent a Fortune 500 industry-leading manufacturer. The Technical Lead - IT Compliance will be responsible for ensuring that our company's IT systems, processes and information assets are protected in accordance with all relevant regulations and standards, such as SOX, NIST, CMMC, GDPR, ISO, AND TISAX. This role involves providing technical leadership, expertise, design and implementation of compliance programs for new regulations. This person will also provide guidance and technical design expertise on compliance initiatives, conducting audits and assessments, responding to cybersecurity questionnaires, supporting IT team members and mentoring IT GRC analysts. This role is part of a team of GRC professionals, collaborates with cross-functional teams, and implements robust strategies to maintain and enhance our compliance posture. Proven and previous program design and implementation experience is a MUST.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field is required.
• One or more of the following certifications is required: CISA, CGRC, CRISC, CIPP, CGEIT, or CISSP.
• 5 years of experience in IT compliance, with experience in SOX, NIST, CMMC, GDPR, and ISO.
• Strong knowledge of relevant regulations and standards, such as SOX, NIST, CMMC, GDPR, ISO and TISAX.
• Strong understanding of IT and cybersecurity principles, risk management, and compliance best practices.
• Proven track record of leading and managing GRC initiatives and teams.
• Experience developing and implementing IT compliance programs, processes, procedures, and standards.
• Wide-ranging knowledge in technical infrastructure and applications, from legacy through next generation.
• Excellent project management, personal and organizational skills.
• Excellent communication and interpersonal skills.
• Familiarity with relevant compliance management software and tools.
• Must be a US Citizen (government project) and currently working in the United States.

Description

Cross-Functional Collaboration

• Work closely with enterprise technology, risk management, cybersecurity, and business teams to integrate compliance practices and align with industry standards.
• Collaborate with stakeholders across the organization to ensure a clear understanding of compliance requirements and alignment with business goals.
• Establish and maintain strong relationships with stakeholders across technology, compliance, cybersecurity, audit, HR and third-party vendors.
• Work with internal/external auditors, regulators, business stakeholders and other functional areas such as Legal, Compliance and HR.
• Provide guidance and support to other members of the IT team on compliance-related issues.

Compliance Frameworks and Process

• Maintain and enhance compliance assessment toolkits for testing and validation
• Play a critical role in leading the development, implementation, and maintenance of comprehensive GRC strategies aligned with CMMC, SOX, ISO 27001, and TISAX standards.
• Provide technical expertise in GRC practices, focusing on CMMC, SOX, ISO 27001, and TISAX frameworks.
• Develop, document, and implement IT compliance processes, procedures, and standards.
• Stay up-to-date with changes in regulations, standards, and emerging regulatory requirements and ensure compliance.
• Provide technical leadership for compliance projects.
• Manage and maintain compliance-related documentation and records.
• Serve as a subject matter expert (SME) for GRC-related matters, guiding the team and organization in compliance best practices.
• Drive continuous improvement initiatives to enhance the efficiency and effectiveness of compliance processes and controls.
• Leverage automation and technology to streamline compliance activities and reporting.

Audits and Assessments

• Conduct regular audits and assessments to verify compliance with all applicable regulations and standards.
• Regularly assess and update the organization's compliance programs, policies, and procedures to meet changing regulatory landscapes.
• Conduct regular risk assessments to identify potential compliance vulnerabilities and gaps.
• Develop and implement risk mitigation plans to address identified issues and minimize exposure to compliance risks.
• Collaborate with internal audit teams to support compliance audits and assessments.
• Oversee the response process for customer cybersecurity inquiries, vendor questionnaires and compliance questionnaires.
• Develop and deliver relevant KPIs and metrics for management consumption.
• Evaluate security controls and identify opportunities for improvement and communicate recommendations.
• Identify and implement improvements to increase efficiency of the compliance program and processes.
• Collaborate with the Lead, IT Policy and Security Awareness to develop and deliver training programs on IT compliance for employees across the organization.

Eligibility: All applications current authorized to live and work in the United States on a Permanent basis are welcome to apply. Must be currently residing in the US. Sponsorship is not available for this position.

Wright Technical Services and our client are Equal Opportunity Employers. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.