Ingram Micro is an integral part of the technology ecosystems, helping our partners grow and thrive through the creation and delivery of Information Technology, Cloud solutions and Lifecycle services. With more than $54 billion in revenue and the ability to reach 90% of the global population, we are one of the world’s largest technology distributors, serving our partners through operations in 61 countries with 29,000 associates.
Ingram Micro has earned Great Place to Work Certification™ for 2022-2023 in the United States! This prestigious recognition reflects our commitment to our people and our culture.
*This position is in the Irvine, California corporate headquarters and has the opportunity for hybrid work with up to three days remote per week.
*** Seeking BIG 4 experience in assurance, external audit of public traded companies ***
This position of Director, IT Compliance works for the Executive Director, Information Security to manage IT Compliance across all Ingram Micro and its subsidiaries. This role is responsible for budgeting, execution of projects, execution of audit and compliance activities, project management, and working directly with business customers/partners. The role is responsible IT audit activities, coordinating between control owners and auditors, implementation of audit tools and collaboration tools, reporting at all levels of the organization (including executive reporting), and participating in the SOX steering committee. This role should have familiarity with compliance programs, audit frameworks (e.g. PCI, SOX, SOC, ISO), and regulatory items related to cybersecurity (e.g. GDPR, Privacy, etc.).
IT Audit & Compliance
- You are responsible for ensuring control owners are aware of their responsibilities, are properly trained, and held accountable.
- You are responsible for periodic reporting into all audit programs (PCI, SOX, SOC, and ISO).
- Lead and participate on IT compliance engagements from planning to reporting and produce quality deliverables to both departmental and professional standards while ensuring audits are completed timely and within budget.
- Plan, complete, and document audit reports, including risk assessments, compliance planning, compliance testing, control evaluation, report drafting and follow-up, and verification of issue closure while ensuring audits are completed timely and within budget.
- Finalize compliance findings and use judgment to provide an overall opinion on the control environment through developing recommendations to strengthen internal controls.
- Optimally run and lead the Compliance team, performing timely review of work performed and providing honest and constructive feedback to proactively lead performance and improve skills across the team.
- Stay ahead of industry trends to find opportunities for impactful innovations or strategic partnerships.
- Examine, evaluate, and identify key risk areas within internal policies and procedures relating to IT processes, and verify compliance with relevant regulations.
- Demonstrates strong subject matter knowledge in critical areas of technology infrastructure, information security, and technology service processes.
- Apply current knowledge of IT trends, techniques, and risks to identify security and risk management improvement opportunities.
- Demonstrate knowledge and experience of legal and regulatory technology risks and requirements across business sectors and regions.
- Participate in multiple departmental initiatives and working groups to enhance or provide efficiencies in compliance coverage on existing areas as well as emerging technologies
- Conduct regular meetings with stakeholders providing updates in a clear concise manner to management and other senior business leaders.
- Oversee leadership development to ensure cohesiveness between business and IT groups and support staff during organizational growth/changes.
- Oversee staff development to ensure consistent discipline for all technology related initiatives and endeavors.
- Oversee Cybersecurity Programs/Projects and provide leadership and support where necessary
- Monitor information security trends and evolving technologies and keep senior management informed about related information security issues and implications for the Company
Management and Oversight
- Identify, propose, and review key information security program priorities, initiatives, plans, practices and tools
- Monitor and report on the current status of the Ingram Micro IT Security information program and initiatives.
- Interface with strategic stakeholders to implement best practices, system changes, and adherence to standards and procedures, etc.
Human Resource Management
- Attract, coach, develop and retain high-performing team members
- Manage Ingram Micro’s information security organization, consisting of direct and indirect reports. This includes hiring, disciplining, training and staff development, and performance reviews.
What you bring to the role:
- Must have proven effective problem solving, decision making, critical thinking, leadership and analytical skills.
- Extensive experience working with audit, cybersecurity, and legal functions of customers and partners.
- Exceptional verbal/written presentation and communications skills
- Advanced organizational skill, with the ability to create, redesign and/or integrate complex organizational systems
- Executive experience, preferably in a high-performance team environment
- Extensive financial/budgeting planning and management experience
- Demonstrate an understanding of and ability to administer Corporate Policies and procedures effectively and consistently.
- Effective communication, presentation, and leadership skills.
- Proven team leader with excellent facilitation skills.
- Extensive knowledge of information risk concepts and security controls.
- Extensive experience with Information Security industry standards/best practices and relevant regulations (e.g., PCI DSS, HIPAA, GLBA, FISMA, NIST, ISO, CobiT, ISF)
- The ability to evaluate and interpret the risk implications of non-compliance or changes to compliance requirements.
Education and Experience:
- 10+ years of experience at a top 10 audit firm with > 50% of your assignments being performing IT audits at publicly listed companies.
- A Bachelor’s degree in Computer Science, Business Administration, Engineering, Finance, or Information Services (or the equivalent of education and progressive responsible experience) plus a minimum of 10 - 12 years of IT audit experience with at least 6 years of progressive managerial experience.
- Exceptional experience navigating through the politics of a large multi-tiered, multi-agency private sector organization.
- One or more relevant certifications: PMP, Security+, CISSP, CISA, CIPP and/or technical IT security credentials.
This is not a complete listing of the job duties. It’s a representation of the things you will be doing, and you may not perform all these duties.
Please be prepared to pass a drug test and successfully pass a pre-employment (post offer) background check that includes verification of vaccination status.
Ingram Micro requires all new associates to be fully vaccinated against COVID-19. Therefore, this position requires applicants to submit proof, prior to start date, that the successful applicant is fully vaccinated against COVID-19. Ingram Micro will comply with applicable laws regarding the reasonable accommodation of individuals with disabilities and/or sincerely held religious beliefs. Applicants will be notified of the requirements of Ingram Micro’s COVID-19 policy and process for verification of vaccination status prior to the start of employment.
Ingram Micro believes there is no place in our society for social injustice, discrimination, or racism. As a company we do not – and will not – tolerate these actions.
Ingram Micro Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.