This role is responsible for ensuring the delivery of cost-effective and standardized IT solutions across multiple business entities as well as engaging in large-scale IT projects. The role actively participates in major IT initiatives, ensuring effective communication with stakeholders and integration of business and regional perspectives. The role initiates and cultivates relationships with influential decision-makers at the highest levels and key tactical leaders, advocating for IT best practices, and shaping strategic business planning with a pronounced IT influence. The role also provides mentorship to lower-level employees and ensures the realization of operational and strategic plans.
We are looking for visionaries who are ready to make an impact on the way the world works. At HP, the future is yours to create!
The role reports to senior management of IT Compliance under the IT Risk Management and Compliance Division.
**Responsibilities**
As a Principal/Master level professional in IT General Control Framework management, you will be responsible for a range of high-impact activities designed to ensure the security, compliance, and efficiency of our IT operations. Key responsibilities include but are not limited to the following:
- **Stakeholder Engagement**:
  - Engage with IT teams, auditors, and legal departments as needed to facilitate smooth and effective communication.
  - Establish and maintain robust relationships with various IT support and business teams, leveraging deep business knowledge and acumen to drive improvements in IT engagement and compliance initiatives.
- **Audit and Compliance Management**:
  - Manage audit activities, ensuring all necessary documentation and evidence are provided to auditors.
  - Support management with the delivery of action plans for audit issues raised, and with audit and SOX controls testing.
  - Analyze SOC reports (e.g., SOC 1, SOC 2, SOC 3) to assess the effectiveness of service organizations' controls related to financial reporting, security, availability, processing integrity, confidentiality, and privacy.
- **Control Implementation and Monitoring**:
  - Ensure that approved IT General Controls are embedded in the current service lines and processes across the organization.
  - Conduct risk assessments to identify potential compliance risks and vulnerabilities within the SDLC process.
  - Develop mitigation strategies and controls to address identified risks and ensure effective management throughout the development lifecycle.
- **Process Improvement and Automation**:
  - Stay updated on relevant regulations and standards applicable to the industry, evaluating and recommending improvements to business practices, processes, and controls.
  - Open to implementing automation where possible to help improve processes and enhance efficiency.
  - Continuously assess and improve compliance processes, controls, and procedures to align with evolving regulatory requirements and industry best practices.
- **Training and Development**:
  - Develop and deliver training programs to educate development teams and other stakeholders on compliance requirements, best practices, and policies related to software development.
  - Foster a culture of compliance awareness and accountability within the organization.
- **Project and Team Support**:
  - Support the team manager with activities that drive the team's projects to meet their goals.
  - Review all project deliverables in accordance with the SDLC framework, ensuring they meet quality standards and compliance requirements.
  - Contribute, as part of the second Line of Defense, to compliance with applicable laws and regulations, internal codes of practice/standards, and policies and procedures.
- **Communication and Reporting**:
  - Communicate specific IT decisions relevant to the IT support teams/business, ensuring clarity and alignment.
  - Facilitate securing management responses from respective IT leadership, meeting aggressive timelines, and delivering quality products.
  - Provide support to internal and external auditors and auditees, ensuring thorough and accurate documentation and reporting.
- **Vendor and Third-Party Management**:
  - Evaluate and monitor third-party vendors, suppliers, and partners involved in the software development process to ensure adherence to compliance requirements and contractual obligations.
- **Continuous Improvement**:
  - Solicit feedback from stakeholders and incorporate lessons learned into compliance initiatives to drive continuous improvement.
This role requires a highly skilled and experienced professional who can balance technical expertise with strong leadership and communication skills to ensure the successful management of IT General Controls across the organization.
**Education & Experience Recommended**
- **Bachelor's Degree**: Business Administration, Management Information Systems, or a related field.
- **Advanced Degree**: A master's degree is preferred but no