**_Description: -_**
HP is a proven leader in personal systems and printing, delivering innovations that empower people to
create, interact, and inspire like never before. We leverage our strong financial position to extend our
leadership in traditional markets and invest in exciting new technologies.
HP has an impressive portfolio and strong innovation pipeline across areas such as:
- Blended reality technology - our unique Sprout by HP will change the way people do things
- 3D printing
- Multi-function printing
- Ink in the office
- Tablets, phablets, notebooks
- Mobile workstations
We are looking for visionaries who are ready to make an impact on the way the world works. At HP, the
future is yours to create!
**_ Responsibilities: _**
- Establishes and maintains relationships with several IT support/business teams. Uses deep business knowledge and business acumen to drive improvements in IT engagement for this initiative.
- Meet aggressive timelines, deliver quality product, and work well in a dynamic team environment. Demonstrate an understanding of standard IT processes and tools.
- Supporting team manager with various activities to help drive the various projects within the team to meet the goals.
- Engage with IT teams, Auditors & Legal as needed and help manage audit activities.
- Contribute as part of the second Line of Defense to the compliance of applicable laws & Regulations, Internal codes of practice/Standards and policy and procedures.
- Support management with delivery of action plans for AIR raised, Audit and SOX Controls testing.
- Ensuring that approved IT General controls are embedded in the current service lines and processes across HP.
- Analyze SOC reports (e.g., SOC 1, SOC 2, SOC 3) prepared by service organizations to assess the effectiveness of their controls related to financial reporting, security, availability, processing integrity, confidentiality, and privacy.
- Gain a deep understanding of the control objectives outlined in the SOC reports and the criteria against which the controls are evaluated.
- Establishes and maintains relationships with other teams. Uses specific business knowledge and general business acumen to support effective IT engagement for major initiatives.
- Review all the project deliverables in accordance with SDLC framework.
- Stay updated on relevant regulations and standards applicable to the industry, Evaluate and recommend improvements to business practices, processes, and controls.
- Conduct risk assessments to identify potential compliance risks and vulnerabilities within the SDLC process.
- Develop mitigation strategies and controls to address identified risks and ensure that compliance risks are effectively managed throughout the development lifecycle.
- Provide support to internal and external auditors and auditees.
- Plan and conduct regular audits and reviews of software development processes to assess compliance with regulatory requirements and internal policies.
- Identify non-compliance issues, deviations from standards, and areas for improvement, and work with stakeholders to address them effectively.
- Develop and deliver training programs to educate development teams and other stakeholders on compliance requirements, best practices, and policies related to software development.
- Foster a culture of compliance awareness and accountability within the organization.
- Evaluate and monitor third-party vendors, suppliers, and partners involved in the software development process to ensure that they adhere to compliance requirements and contractual obligations.
- Continuously assess and improve compliance processes, controls, and procedures to enhance efficiency, effectiveness, and alignment with evolving regulatory requirements and industry best practices.
- Solicit feedback from stakeholders and incorporate lessons learned into compliance initiatives.
**_ Education and Experience Required: _**
Bachelor's degree in management information systems computer science or equivalent experience and a minimum of 5 years of related experience or a Master's degree and a minimum of 3 years of experience.
**_ Knowledge and Skills: _**
- Excellent verbal and written communication skills.
- Excellent project management and process development skills.
- Ability to collaborate, working closely with both functional and technical teams.
- Understanding of audit and assurance principles and practices. Familiarity with auditing standards, such as SSAE 18 (formerly SAS 70) for SOC 1 reports and AT-C 205 for SOC 2 reports.
- Strong knowledge of information security principles, concepts, and best practices.
- Proficiency in using software tools and technologies for analyzing SOC reports and assessing control effectiveness.
- PMP or SAFe Agile Scrum Master Certification preferred
- Strong knowledge on the Compliance processes and controls
- Authorship of the SDLC deliverables
- Understanding of the Change Management process
**Disclaimer
