Controls Manager

Controls Manager needed remote or hybrid in Roseland, NJ 6 month contract with possible extension Description: The Controls Manager in the Global Product & Technology Risk & Reliability group will focus on supporting the R&D team control owners with controls development, maintenance, and attestation, as well as support the R&D teams by ensuring failure response activities are driven to completion as they relate to new controls, control enforcement, or modifying the scope of the control. The Controls Manager will also support the stand-up and rollout of the integrated risk assurance program to R&D teams to support a broader understanding of the risk program and roles/responsibilities across the R&D organization. Responsibilities: Works with technical Control Owners to guide them through the development, maintenance, attestation and testing activities related to the security controls management process, advising the team from a technical cybersecurity, privacy, and IT controls perspective Maps controls to the organization's security framework, and to the appropriate testing team (ISO, SOC, PCI, Global Security, etc.) Creates and maintains templates and standard operating procedures that align to applicable policy, standard, and compliance requirements Provides recommendations to Control Owners to increase maturity and effectiveness Supports the Control Owner(s) when control failures occur to ensure control remediations are documented and executed upon Develops reporting and plans to ensure controls are maintained and attested to in accordance with policies and procedures Partners with Enterprise Risk, Global Security Organization, Internal Audit, Compliance, and other key stakeholders to ensure R&D controls and control activities are aligned to the organizations risk program and processes Develops rollout and educational strategies to strengthen the knowledge of the risk practices to the R&D organizations Partners with Control Owner(s) to ensure quality and accuracy of control activities information in ADP's GRC tool Serves as liaison between non-GPT risk roles and R&D if needed to support the risk process Participates in the Integrated Assurance Risk (IAR) working group to represent GPT and to align GPT's risk program to the IAR goals Other assignments may be assigned to support risk management projects and transformation efforts Requirements: Minimum of 5 years of ITGC (cybersecurity focus preferred) experience in the risk/audit domain 2 years of experience developing control procedures related to technology domains such as, product development, disaster recovery, data protection, cybersecurity, identity and access management, network management, and cloud Working knowledge of applied industry accepted frameworks and standards for cybersecurity, privacy, and IT, such as NIST 800-53, NIST Cybersecurity Framework, ISO 27001, and SOC One or more technical industry certifications preferred, such as the CISSP, CISA, CISM, etc. Demonstrated ability to work well in both an individual contributor and team capacity within a global team Able to interact in a professional manner and develop relationships with individuals and teams at any level 1-3 years of experience using an enterprise GRC tool, such as Archer Required Skills : NIST frame work big plus if they built out an audit on their own GRC tool, such as Archer last four of social , and BD (month and day) Basic Qualification : Additional Skills : Background Check :Yes Drug Screen :Yes Notes : Selling points for candidate : Project Verification Info : Candidate must be your W2 Employee :No Exclusive to Apex :No Face to face interview required :No Candidate must be local :No Candidate must be authorized to work without sponsorship :Yes Interview times set :Yes Type of project :Integration Master Job Title :Other Branch Code :New Jersey

Created: 2024-10-19