Senior IT Risk - Compliance Manager

March 22

Apply Now

Receive Emails with Similar Jobs

Novanta Inc.

WebsiteLinkedInAll Job Openings

Novanta Inc. is a leading technology company that provides mission-critical solutions in the Medical and Advanced Industrial markets. With over 30 years of experience, Novanta partners with original equipment manufacturers (OEMs) worldwide offering a wide range of products including medical devices, precision motion systems, laser and beam steering technologies, as well as machine vision components. The company is known for its innovation, providing intelligent and reliable solutions in precision motion, laser processing, robotics, and automation technologies. Novanta serves principal markets in North America, Europe, and Asia Pacific, and is a publicly traded company on Nasdaq under the ticker symbol 'NOVT'.

1001 - 5000 employees

📋 Description

• Manage the compliance activities of the ISO 27001 information security program as well as the IT audit activities associated with the SOX program. • Continuously identify opportunities to improve the operation of various compliance initiatives and establish procedures to promote efficient, repeatable, and sustainable program results. • Develop, build & implement tools to improve compliance testing efficiency and effectiveness, moving the organization towards a continuous monitoring paradigm. • Pro-actively assess compliance readiness and provide leading practice recommendations for digital transformation initiatives such as IT and business system implementations, cloud migration activities, and the adoption of emerging technology capabilities. • Leverage deep technical IT audit knowledge to guide implementation of controls, remediate deficiencies / non-conformities, and navigate the impact of changes in the technology environment on different compliance obligations. • Also, serve as a subject matter expert with respect to regulatory expectations pertinent to the various compliance obligations managed. • Facilitate the integration of acquired entities' control environments into existing compliance frameworks as needed. • Perform various other reviews of IT management policies and procedures such as information security, change management, data management, SDLC, to ensure that controls surrounding these processes are adequate. • Recommend and draft new policies and procedures in areas of perceived gaps. • Stay current with industry regulations and best practices to ensure ongoing compliance. • Demonstrate strong project management skills, balancing competing priorities under pressure while managing sensitive and confidential information. • Participate in design discussions to define and integrate compliance requirements throughout the development lifecycle of new and ongoing projects. • Exhibit exceptional verbal and written communication skills, with the ability to collaborate across teams and deliver clear, professional and concise information to internal and external stakeholders. • Foster positive and collaborative relationships with process/control owners, leadership, internal and external auditors. • Participate in the development of training plans to educate staff on security principles, fostering a culture of compliance across the organization. • Promote a proactive culture of IT compliance, inspiring teams to prioritize privacy and security at every level. • Manage third-party contract labor involved in various compliance initiatives, at times overseeing teams of 3-5 staff.

🎯 Requirements

• Bachelor’s degree in computer science, information management, security and engineering, or other related degree. • Professional certification (e.g., CISA, CRISC, CISSP) is preferred. • Minimum of 7 years of experience in IT audit and compliance roles, preferably within a regulated industry. • In-depth knowledge of regulatory requirements and industry standards (e.g., GDPR, ISO 27001, SOX, NIS2). • ISO 27001 Lead Auditor certification is a plus. • Strong ethical standards and a commitment to maintaining confidentiality and integrity in all activities. • Strong analytical and problem-solving skills, with the ability to assess complex issues, develop, and implement effective solutions. • Experience with global manufacturing organizations. • Exposure to Oracle EBS and SAP ECC/Cloud in a manufacturing setting is preferred. • Big Four auditing experience is a plus. • Working knowledge of AuditBoard is a plus. • Excellent communication and interpersonal skills, with the ability to influence and collaborate with stakeholders at all levels. • Proven ability to manage multiple tasks and projects simultaneously, with keen attention to detail.