Loading...
Share this Job

ITGC Compliance Manager

Location: 

King Of Prussia, PA, US

Company:  AmeriGas Propane, Inc.
Remote Options: 

When you work for AmeriGas, you become a part of something BIG! Founded in 1959, AmeriGas is the nation’s premiere propane company, serving over 1.5 million residential, commercial, industrial and motor fuel propane customers. Together, over 6,500 dedicated professionals will deliver over 1 billion gallons of propane from 1,800+ distribution points across the United States.

Posting

Job Summary (Purpose):  

Reporting to the Director of IT Risk Management, the ITGC Compliance Manager will have primary responsibility for ensuring effectiveness of all IT General Controls (ITGCs).  The manager will act as the primary point of contact between IT and internal / external auditors to provide leadership in managing auditing activities, requests and developing responses to audit findings.  


Key Characteristics:

•    Sound understanding of security and control principles including logical access controls, change control, least privilege, segregation of duties, computer operations, network security, vulnerability management, and secure coding
•    Broad technical understanding of data management platforms (e.g., SAP, PeopleSoft, Oracle, Microsoft SQL Server, etc.) and associated data security controls
•    Strong technology acumen and the ability to assess data privacy gaps in products/services design


Duties and Responsibilities:

•    Provide quality assurance of all IT General Controls through assessment, walkthroughs, and audits to ensure operational effectiveness of those security controls. 
•    Identify risks and gaps and facilitate remediation
•    Provide risk metrics to management regarding audit performance and findings
•    Assist control owners with root cause analysis and track risk management action plan progress
•    Guide efforts to create common control framework and uniform compliance reporting standard
•    Performing examination of security controls to determine design and operational effectiveness
•    Conducting IT controls management testing of controls independent of the audit schedule to save time during audits
•    Identifying and tracking assessment/audits using performance metrics
•    Implementing and supervising the issue tracking and resolution process
•    Reviewing the audit assessments conducted by both internal and external audit teams
•    Collaborating with both internal and external auditors
•    Planning and conducting third-party vendor assessments
•    Reviewing third-party vendor attestation and audit reports, and providing feedback to business leaders and risk owners


Education and Experience Required:

•    Bachelor’s Degree in Business, Accounting, Information Technology, or other quantitative discipline
•    10+ years of broad privacy and data protection, compliance or legal experience
•    5+ years of audit/assessment experience with PCI and/or SOX
•    Experience with managing people a must as well as project management best practices
•    Experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x, ITIL, CSC20, COBIT and National Institute of Standards and Technology (NIST) frameworks
 

 

AmeriGas is an Equal Opportunity and Affirmative Action Employer.  The Company does not discriminate on the basis of race, color, sex, national origin, disability, age, gender identity, sexual orientation, veteran status, or any other legally protected class in its practices.

 

AmeriGas is a Drug Free Workplace. Candidates must be willing to submit to a pre-employment drug screen and a criminal background check. Successful applicants shall be required to pass a pre-employment drug screen as a condition of employment, and if hired, shall be subject to substance abuse testing in accordance with AmeriGas policies. As a federal contractor that engages in safety-sensitive work, AmeriGas cannot permit employees in certain positions to use medical marijuana, even if prescribed by an authorized physician.  Similarly, applicants for such positions who are actively using medical marijuana may be denied hire on that basis.
 


Nearest Major Market: Philadelphia

Job Segment: Compliance, Medical, ERP, Database, Oracle, Legal, Healthcare, Technology