Sr. Principal, IT Compliance Specialist
Ingram Micro is an integral part of the technology and commerce ecosystems, helping our partners grow and thrive through the creation and delivery of Information Technology, Lifecycle Management, e-Commerce Logistics, and Cloud solutions. With $49 billion in revenue and the ability to reach 90% of the global population, we have become one of the world’s largest technology distributors with operations in 59 countries and more than 35,000 associates.
This position has the opportunity for hybrid work with up to three days remote per week.
The Sr. IT Compliance Specialist is responsible for performing, or leading, complex and/or significant compliance reviews, within the IT audits including network, internet, applications, telecommunications, security administration, and contingency planning. Assess risks, develops detail audit/compliance programs, execute audit/compliance programs steps, analyze results and effectively communicate results to the senior management.
On a primarily independent basis, support global activities as they relate to IT compliance including Financial Regulations, Statutory Audits, customer commitment obligations such as SOC1 and SOC2 attestation, Internal and External Auditor liaison support and management documentation / reporting. This support will be accomplished by reviewing existing processes, identifying improvements activities and recommending control improvements and/or efficiencies.
- Plan and conduct complex IT and integrated audit/compliance projects, including preparation of an objective risk-based assessment and an effective audit/compliance approach.
- Leads and/or participates on audit/compliance of Applications, Enterprise security, IT General Controls, for complying with policies and procedures.
- Manage and support Global IT compliance to security frameworks and standards as they relate to SOX, SOC 1, ITGC and Regulatory requirements for auditing, reporting and remediation where appropriate
- Execute operational activities to support audit and compliance activities including technical validation processes
- Create professional reports tailored to each client that detail assessment findings and include a roadmap of practical, actionable steps for improving their security posture and achieving compliance
- Support/participate and perform the due diligence and security compliance validation with 3rd party IT solution providers.
- Manage and Support External Audit activities and reporting.
- Provide presales and scoping assistance as needed
- Manages the project with timelines, efforts, meeting minutes, and track it until the completion.
- Support and enforce Information Security Policy, Standards, and Guidelines for business operations and technology implementations
- Maintain strong working relationships with internal and external support teams including Global, Regional Work on special projects as required by management
- Stay abreast of changes within the IT compliance areas including business change requirements and regulatory changes from an international perspective and Country IT associates
Process Improvement and Associate Success:
- Perform business processes value-added assessment of internal controls, systems, processes, financial reporting, and identify opportunities for improvement and efficiencies.
- Actively looks for opportunities to develop new ideas to positively impact existing methods, services, or products.
- Targets performance improvements while analyzing systems and processes.
- Understands, analyses, and documents cost/benefit analysis where appropriate.
- Actively accepts individual and team responsibilities and meet commitments. Takes responsibility for own performance and actions and demonstrates responsibility and teamwork towards overall team/department goals.
- Actively mentors and assists other IT personnel on topics related to IT security
- Effectively multi-tasks on multiple assignments and deliverables.
- Takes and exhibits initiative to further develop technical and professional skills, by attending training and/or willingness to learn new systems or technologies in use by the Information Technology department.
- Possesses understanding of Ingram Micro’s business including knowledge of department names and business processes conducted by each, company global organization, and key customer and vendor segments.
Education and Technical Expertise:
- A Bachelor’s degree in Computer Science, Engineering, or related Science and Math discipline with an IT or Business emphasis is required.
- 8-10 years or more relative experience in a global information technology environment with a background in auditing and process support
- Information Security background including an understanding of the basic security best practices, standards and methodologies
- IT technical knowledge in support of compliance including Operating System, Database, Networking and Security technologies
- Must possess a valid passport and be legally allowed to leave and return to originating country.
- Ability to formulate detailed technical documentation, remediation requirements
- Strong communication skills for both technical and business level discussions on compliance matters
- Relevant auditing and compliance certification (e.g. QSA, ISA, CISM, CISA, ISO 27001 Lead Auditor) preferred
Please be prepared to pass a criminal background check and drug test.
This is not a complete listing of the job duties. It’s a representation of the things you will be doing, and you may not perform all these duties.
Ingram Micro believes there is no place in our society for social injustice, discrimination, or racism. As a company we do not – and will not – tolerate these actions.
Ingram Micro Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.