Job Overview
Devonshire Recruitment & Consulting Partners is seeking a Senior IT Risk & Compliance Specialist to lead governance, risk, and compliance initiatives across the organization. This role serves as a functional IT Security Lead, working with business managers to implement ethical business practices, ensure regulatory compliance, and develop enterprise-wide governance programs.
Key Responsibilities
- Develop and maintain governance policies aligned with industry standards and frameworks (NIST, COSO, COBIT, etc.).
- Communicate, implement, and monitor policies across departments to ensure compliance.
- Conduct application gap assessments, establish security requirements, and perform risk assessments.
- Provide risk management consulting services to internal teams, helping prioritize remediation efforts.
- Oversee the General Computer Control (GCC) environment, identifying risks and implementing mitigating controls.
- Facilitate operational-level risk assessments and act as a bridge to enterprise-level risk management.
- Support both Agile and Waterfall project methodologies while managing multiple responsibilities within the IT risk function.
Qualifications
- 8+ years in IT Audit, Governance, Risk & Compliance, Internal Audit, or related roles.
- Proven experience in policy creation, implementation, monitoring, and maintenance.
- Relevant certification (CISA, CISM, CISSP, CRISC, CRMA) or eligibility.
- Skilled in developing and implementing controls and processes via recognized frameworks.
- Strong background in IT risk assessment, controls, and project management.
- Excellent communication, relationship-building, and problem-solving skills.
- Ability to manage sensitive issues professionally and proactively.
