Ingram Micro is an integral part of the technology and commerce ecosystems, helping our partners grow and thrive through the creation and delivery of Information Technology, Lifecycle Management, e-Commerce Logistics, and Cloud solutions. With $49 billion in revenue and the ability to reach 90% of the global population, we have become the world’s largest technology distributor with operations in 59 countries and more than 35,000 associates.
*This position is in the Irvine, California corporate headquarters and has the opportunity for hybrid work with up to three days remote per week.
We are seeking a talented and motivated Manager of Compliance to take our global IT Audit and Compliance program to the next level. With GDPR, PCI, SOX, SOC1, ISO and more to comply with, we have a truly fascinating role for someone who wants to build their talent stack while working at a premier global Technology company.
Responsible for coordination, management and execution of all IT Compliance activities for global IT. Key activities include:
- PCI-DSS certification and program management
- Maintains documentation current for the PCI program
- Conducts monthly meetings with key stakeholders to assure ongoing compliance with the PCI-DSS
- Works well with other languages, cultures, time zones and leaders to achieve good results for the whole company
- Quarterly security assessments
- Annual attestation
- Ensuring compliance of 3rdparties and acquisitions
- SOX 302 Certification:
- Coordinate quarterly compliance with SOX 302 for WWIT, Regional IT and Local Country IT.
- Maintain and update self-assessment survey with communication and training to the regions/countries.
- Evaluate quarterly results and communicate to management.
- Coordinate quarterly certification process amongst 4 regions (35 countries) plus WWIT.
- SOX 404 Monitoring and Testing:
- Coordinate monitoring and testing of WWIT’s internal controls specifically related to General Computing Controls (GCC) for Sarbanes Oxley 404 systems (Impulse, Oracle, PeopleSoft, etc).
- Manage the resources allocated to IT SOX activities
- Support external audit/internal audit requests for audit documentation
- Review operating effectiveness of key controls and tests.
- Perform direct investigations and testing where required
- Develop/update and analyze IT company processes
- Advise application and operational owners on key findings
- Review test results and assess risk to company
- Communicate findings to application owners, operational owners, internal audit and management
- Global ISO27001 Security Certification
- Responsible for quarterly assessments, annual sampling audit, awareness and training and facilitation of annual external assessor audits world-wide.
- Facilitation of ERP and Legacy System IT General Control Audits
- Annual SSAE16 Completion
- Coordinate annual SOC1 audit process with major vendors such as ACS, Infosys, L&T etc.
- Review and communicate to WWIT SOX Committee the key findings from SAS 70 reports and implications to Ingram Micro.
- Internal Audit Monitoring and Testing
- Support internal audit requests for audit documentation
- Coordinate audit activities and initiatives for WWIT
- Provide recommendations for gap remediation
- Planning and execution for audit/SOX remediation activities.
- Managing remediation initiatives according to budget
- Coordinating Vendor/Customer Audit Support as required
- Responsible for running key IT Security and IT Compliance projects with periodic updates to management and stakeholders
- Build professional relationship with various organizations including Internal Audit, External Audit, Security, IM Customers, WWIT Operations, WWIT Business Solutions Delivery, WWIT Finance & Business Operations.
What you bring to the role:
- Bachelor’s degree in MIS Audit, Computer Science, Business Administration, Accounting or related field required. CISA, CISSP, or SAP (Master, Professional or Associate) certification highly desirable.
- 10+ years of relevant experience – with at least 4 years managing a team of direct reports.
- Direct experience with ERP applications (Impulse, Oracle, SAP) a plus.
- Achieve ISO27001 Lead Assessor Certification
- Strong understanding of mainframes, midrange and Inter-based server infrastructures; other large scale ERP systems and other critical applications such as Oracle 11i, Peoplesoft etc., software development processes, infrastructure, security practices and internal control practices.
- Technical knowledge of hardware and software for desktop, midrange and mainframe environments required.
- Direct IT experience with ERP applications (Impulse, Oracle, SAP) would be a plus.
- Experience developing/creating detailed internal control documentation in large ERP environment a plus.
- Strong project management skills
- Confidence, good judgment, energy and personality to work in a dynamic, global environment across all levels of management and across business units and functions.
- Ability to recognize problems and relate to business needs, to be perceptive, penetrate and go to the heart of the issue/problem, and plan/develop the appropriate course of action.
- Ability to convey ideas (both written and verbal) clearly, fluently, and persuasively; to be articulate, and present organized trains of thought to assure proper exchange of information
- Strong attention to detail
- Excellent organizational and multi-tasking skills
- Strong PC, worksheet and word processing skills
- Discretion required due to access to confidential information
This is not a complete listing of the job duties. It’s a representation of the things you will be doing, and you may not perform all these duties.
Please be prepared to pass a drug test and successfully pass a pre-employment (post offer) background check that includes verification of vaccination status.
Ingram Micro requires all new associates to be fully vaccinated against COVID-19. Therefore, this position requires applicants to submit proof, prior to start date, that the successful applicant is fully vaccinated against COVID-19. Ingram Micro will comply with applicable laws regarding the reasonable accommodation of individuals with disabilities and/or sincerely held religious beliefs. Applicants will be notified of the requirements of Ingram Micro’s COVID-19 policy and process for verification of vaccination status prior to the start of employment.
Ingram Micro believes there is no place in our society for social injustice, discrimination, or racism. As a company we do not – and will not – tolerate these actions.
Ingram Micro Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.