Senior IT Risk & Compliance Specialist, GRC Policies

IDEXX

  • Westbrook, ME
  • $120,000-140,000 per year
  • Permanent
  • Full-time
  • 2 months ago
IDEXX’s IT Risk & Compliance Group is dedicated to safeguarding the organization against various IT risks and ensuring compliance with industry standards and regulations. Key responsibilities of this team include conducting cyber risk training and assessments, managing third-party risk, overseeing SOX compliance, and ensuring privacy compliance across global operations. The team also spearheads the development of governance policies and provides comprehensive risk management consultancy services. Led by an experienced manager, the group consists of 6 seasoned professionals with extensive expertise in risk management, compliance, and security. Despite its size, the team adeptly manages the diverse and complex aspects of IT risk and compliance within IDEXX.As a Senior IT Risk & Compliance Specialist, you will be a functional IT Security Lead influencing the business managers and leading positive changes ensuring that the organization’s operations are conducted in a manner consistent with ethical business practices, organization policies, and legal requirements.Location: being located near our HQ in Maine or NH is preferred, but we are also open to anyone on the East Coast, EST time zone.In This Role…
  • Your main responsibilities will be to help create a governance program to include:
  • Policy creation based on industry standards, frameworks & best practice.
  • Communication of the policies to key stakeholders in the organization.
  • Implementation of the policies to various departments and lines of business by consulting with those teams to help ensure understanding.
  • Monitoring of the policies for compliance and managing any variances.
  • Establish a process to ensure policies are up to date and accurate.
  • You will conduct application gap assessments to establish security requirements and perform risk assessments.
  • You will be part of this team who provides risk management consulting services to various teams within the organization, aiding in prioritizing issues for resolution.
  • You will oversee the General Computer Control (GCC) universe, identifying risks, and implementing controls to mitigate these risks.
  • You will monitor management against internal standards within the program, acting as the first line of defense before internal audits.
  • As others on the team wear 3-4 “hats”, you will also juggle multiple roles within the team, including risk identification, quantification, and consulting
  • You will facilitate risk assessment at the operational level, acting as a bridge between tactical and enterprise risks within the organization.
What You Will Need to Succeed…
  • 7 to 10 years of experience within IT Audit with experience with GRC (Governance, Risk & Compliance), Controls, Risk Assessment, Project Management, or Internal Audit.
  • Must have expertise with Policy writing, implementing policies, monitoring policies and maintaining policies.
  • You have one of these certifications: CISA, CISM, CISSP, CRISC, CRMA or certification eligible
  • You know how to develop and implement controls and processes through frameworks like NIST, COSO, COBIT, etc.
  • You can perform and develop IT Risk Assessments.
  • You managed project tasks in Agile and Waterfall methodologies.
  • You think strategically and focus on achieving goals together with your team.
  • You communicate successfully in person and in writing and develop strong relationships with all levels in the organization.
  • You can handle difficult issues in a professional, assertive, and proactive manner.
What you can expect from us:
  • Base annual salary target: $120000 - $140000 (yes, we do have flexibility if needed)
  • Opportunity for annual cash bonus
  • Health / Dental / Vision Benefits Day-One
  • 5% matching 401k
  • Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!
Why IDEXX?We’re proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people.So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement.Let’s pursue what matters together.IDEXX values a diverse workforce and workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.IDEXX is an equal opportunity employer. Applicants will not be discriminated against because of race, color, creed, sex, sexual orientation, gender identity or expression, age, religion, national origin, citizenship status, disability, ancestry, marital status, veteran status, medical condition, or any protected category prohibited by local, state, or federal laws.

IDEXX