This position is responsible for IT’s adherence to all regulatory compliance requirements, including Sarbanes-Oxley (SOX), and is responsible for managing and maintaining the IT General Controls structure for the organization. Coordinates and represents IT in all internal and external audit and assessment related activities. Ensure IT policies, controls and processes are sufficient, cost effective, feasible, reasonable and current with regulatory requirements. Facilitate definition of cross IT Management level policies and controls and drive associated change across IT Management staff. Assess regulatory, business and technology change and architect and drive the implementation of the necessary changes to policies, controls and associated processes.
Keep abreast of regulatory requirements for SOX, HIPAA, GLBA and standards such as ISO 27000, 27001 and 27002.
Translate regulatory requirements and standards to IT policies, controls and processes.
Assess changes to regulatory requirements and standards and determine their impact to internal IT policies, controls and processes. Make recommendations for associated changes to IT policies, controls and processes, and facilitate their implementation.
Identify and evaluate business and technology risks, internal controls that mitigate risks, and related opportunities for internal control improvement. Write risk assessments and facilitate their approval when they are necessary.
Evaluate major organizational changes, implementation of new technologies and agreements with third-party service providers to ensure continual IT compliance to regulatory requirements.
Act as a liaison to internal and external audit personnel.
Manage all internal and external audit and assessment activities for the organization while identifying necessary process improvements. Drive resulting remediation efforts as required.
Keep management informed of progress of audit activities and associated remediations.
Provide guidance to management and staff on regulatory requirements, audit concerns and areas for process improvement.
Identify internal process improvement efforts to reduce costs associated with audit activities.
Skills, knowledge and experience needed:
10+ years information technology experience.
Experience managing IT Compliance related activities with a working knowledge of SOX IT General Controls.
Working knowledge of security and control management best practices such as COBIT, COSO, CMMI, ITIL and ISO.
Project management experience required.
College degree in an information technology discipline preferred.
Audit related certification such as CISA a plus.
Experience in all phases of systems development preferred.
Must work effectively in a team environment.
Highly skilled in verbal and written communications.
Previous experience in mutual funds or financial services industry preferred.
Waddell & Reed, Inc. is a subsidiary of Waddell & Reed Financial, Inc. (NYSE:WDR). Waddell & Reed Financial, Inc., through its...