Sedgwick

IT Security Manager

Sedgwick

full-time

Posted on:

Location Type: Remote

Location: PennsylvaniaUnited States

Visit company website

Explore more

AI Apply
Apply

Job Level

SeniorLead

About the role

  • To manage and advance the IT security, risk and audit compliance program
  • Planning, scheduling, coordinating, reviewing and reporting of the work of the department
  • Supervise, coach and train staff
  • Develop procedures and audit programs and policies
  • Represent Sedgwick IT to clients, carriers and external stakeholders
  • Assist IT management on projects as needed
  • Performs advanced, specialized and/or managerial IT compliance working the areas of regulatory compliance, data security and protection, risk assessment and risk mitigation
  • Manages complex audits both internally and externally including third party vendor audits and client-initiated IT audits
  • Performs critical project management duties in the planning, scheduling, coordinating, reviewing and reporting of the work of IT compliance teams
  • Provides expertise in IT compliance standards and performance criteria, data security requirements and information technology skills
  • Develops and maintains productive internal and external stakeholder relationships
  • Communicates with company management clients, carriers, vendors and other stakeholders as needed during IT compliance activities
  • Directly interacts with clients, carriers and other external stakeholders in critical or sensitive communications regarding IT compliance and security
  • Responds to client, carrier and legal counsel inquiries regarding IT compliance and security matters
  • Responsible for teaching, training and coaching staff and for creating appropriate awareness programs within IT and the enterprise
  • Develops procedures, schedules, priorities and programs for achieving IT compliance objectives and goals
  • Recommends and executes new policies at department and enterprise level
  • Prepares audit and compliance reports, analysis and recommendations using advanced writing skills
  • Assesses risk factors to identify high risk areas within IT
  • Develops risk remediation plans and manages related projects to completion
  • Identifies and communicates changes in professional and industry standards, laws, guidelines and audit requirements to department and enterprise personnel
  • Consults with and advises administrators, management and staff on various operational control issues related to computerized information systems as needed
  • Attends and/or conducts internal and external meetings
  • Leads recruitment and hiring of IT audit, compliance and security colleagues
  • Attends, presents and/or participates in continuing professional education classes and training courses
  • Follows up on audit findings to ensure that management has taken corrective action(s)
  • Assists and trains other audit staff in the use of computerized audit techniques and in developing methods for review and analysis of computerized information systems

Requirements

  • Bachelor's degree from an accredited college or university required
  • MBA or relevant Masters degree with a major in accounting or information technology field strongly preferred
  • At least two of the following credentials required (additional credentials are preferred): Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information System Security Professional (CISSP), or Certified Information Systems Auditor (CISA) designation
  • Ten (10) years of information technology, accounting or closely related industry experience or equivalent combination of education and experience required to include four (4) years project management and/or supervisory experience in a team environment.
  • Excellent understanding of internal control and data security concepts and their applications
  • Excellent knowledge of IT compliance frameworks (i.e. SSAE 16 and ISO 2700x frameworks at minimum)
  • Excellent knowledge of IT risk management, risk mitigation, data protection and security, and investigation procedures
  • Solid knowledge of Sarbanes-Oxley Act provisions and methodologies for achieving compliance
  • Excellent oral and written communication, including presentation skills
  • PC literate, including Microsoft Office products
  • Creative and analytical approach to problem solving
  • Excellent detail orientation, time management skills and organization skills
  • Excellent interpersonal skills and ability to work with various levels within the organization
  • Ability to maintain confidential information in professional manner
  • Ability to maintain profession demeanor in times of high stress
  • Ability to manage multiple projects and set priorities
  • Ability to work in a team environment and independently
Benefits
  • Health insurance
  • Retirement plans
  • Professional development opportunities
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
IT securityrisk assessmentaudit compliancedata protectionproject managementinternal controlIT compliance frameworksrisk mitigationdata security conceptscomputerized audit techniques
Soft Skills
communication skillsleadershipcoachingproblem solvingtime managementorganization skillsinterpersonal skillsdetail orientationability to work under stressability to work independently
Certifications
Certified Public Accountant (CPA)Certified Internal Auditor (CIA)Certified Information System Security Professional (CISSP)Certified Information Systems Auditor (CISA)