Laureate Education is seeking an experienced Director, IT Compliance - Process and Technology Automation reporting to Laureate’s Executive Director of SOX Compliance. The ideal candidate will possess in depth knowledge of information technology, especially compliance broad business experience and internal audit practices. The candidate will leverage knowledge of business process and IT to lead audit programs, execute risk assessments and interact with the compliance and risk management global program(s) for Laureate. The candidate will also be expected to effectively lead a team of IT SOX Compliance professionals.
Responsible for developing a Center of Excellence that will anticipate, recognize and manage all facets of IT risks, including but not limited to regulatory compliance (SOX, FERPA, PCI; Privacy Laws). This role requires integrity and strength of character as well as a willingness to challenge staff on all levels to ensure that Laureate is compliant with all applicable laws and company ethics.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Increase knowledge of ITGC throughout the Laureate network and ensure consistent control execution
- Accountable for the drafting, rolling out and enforcing comprehensive policies, procedures, SOPs and IT Compliance playbooks
- Provide consultative direction to regional leaders on procedures, controls and technologies developed by the Center of Excellence.
- Collaborate directly with the Executive Director of SOX Compliance to promote and enforce compliance initiatives.
- Contribute to major projects by providing expert level guidance and support to teams around the globe
- Take ownership of establishing automated controls for ITGC and establishing a strong ICFR environment
- Reinforce an understanding of the relationship between failure to execute controls consistently and impact on ICFR
- Responsible for compliance results and report to Corporate Governance team
- Successfully identify trends and themes across regions and systems and acts upon
- Communicate lessons learned and disclose leading practices across groups
- Oversees documentation and assessment of IT internal controls over financial reporting as part of ongoing Sarbanes-Oxley (SOX) compliance effort
- Provides leadership and guidance to IT SOX Compliance team
- Supervise daily activities of IT SOX Compliance Analyst personnel
- Responsible for driving evaluation of internal control deficiencies and ensures remediation strategies are correct as proposed by external/internal audit or internal control staff
- Supervise creation of efficient procedures and methodologies to test controls relevant to SOX
- Oversees development of meaningful metrics to demonstrate continuous improvement in the audit process and in the efficacy of internal controls
- Create specific metrics to monitor control deficiencies and remediation accountabilities across all IT functional groups
- Will work with Laureate’s IT Executive Regional CIOs, local IT Management and Compliance teams to identify automation opportunities to streamline application and infrastructure controls across IT functional groups
- Coordinates with IT personnel across the enterprise to implement required controls, ensure these controls are executed, and maintains appropriate evidence.
- Reviews reports that are requested for the reporting of SOX IT related information to various levels of management.
- Responsible for coordinating with IT process owners on updating IT SOX documentation.
- Provides guidance on internal financial policies and procedures with respect to IT controls.
- Oversee develop and execute SOX Compliance training and awareness programs based on audit findings and regulation(s) changes
- Work with IT Compliance due diligence programs for new acquisitions and develop plans as required based on GAP analysis results and requirements
- 10+ years of work experience in IT Audit, Compliance, Internal Controls and/or Public Accounting.
- 8+ years of people management experience
- Experience working for a Big Four consulting practice or a leadership role within a large multi-national company supporting SOX, IT Audit or IT Compliance initiatives.
- Experience with ISO, SOX, PCI, HIPAA, FERPA, Privacy regulations and other control frameworks.
- This position requires the ability to analyze and interpret the risk implication of changes in the compliance requirements and the control environment and making recommendations to CISO
- The role requires risk management expertise to ensure creation and maintenance of effective risk mitigation strategies across all stakeholder groups; Business, IT functional groups, and Information Systems Security
- Strong change management and negotiation skills with ability to work within a matrix-run organization.
- Bilingual in Spanish or Portuguese
- Experience in developing and deploying best practices, policies, procedures and processes.
- Builds a network of relationships across IT functional groups, business peers and executive management
- Influence development of broad based risk management strategies
- Well organized, with strong time management skills.
- Strong prioritization skills and attention to detail with the ability to manage & coordinate multiple competing priorities and requests.
- Demonstrated ability to work effectively with colleagues and senior leaders in business groups and across finance and multiple locations.
EDUCATION and/or EXPERIENCE:
- Minimum of a Bachelor’s degree in Computer Science/Information Systems Management
- MBA preferred
- Certified in Security, Governance, Compliance and Project Management. ISACA CISA, CISM, CGEIT, CISSP, CRISC, PMP or equivalent professional certification desirable
- Experience with one of the big four preferred