VP, IT Governance, Risk & Compliance


This is a Full-time position in Atlanta, GA posted December 20, 2021.

The game is changing in business payment, and FLEETCOR is leading the way with innovative solutions that streamline the payment process and help companies control spending. 

The FLEETCOR team has cracked the code.

We've assembled an A-team of business partners, payment networks, and employees.

We have the technology and have made it our mission to develop and deliver better ways to pay.

If you are an Executive Lead in IT Governance, Risk and Compliance, we want you to join our team.

Apply Now!

**** Remote Opportunities for the right fit **** 

Role and Responsibilities

The VP of IT Governance, Risk & Compliance is primarily responsible for providing leadership and supervision of the IT compliance and risk teams.

The VP of IT Governance, Risk & Compliance understands security risks and technologies and is able to effectively communicate them to business units and leadership.

In addition, they help evaluate risk according to best practices, as well as compliance mandates, and provide detailed reports from assessments.

When external examiners conduct engagements, the VP of IT Governance, Risk & Compliance and their team are the primary point of contact and facilitator to ensure internal and external teams are abiding by secure and compliant computing and administrative procedures.

In this position, the VP of IT Governance, Risk & Compliance will regularly review, evaluate and verify controls, and then support the documentation and reporting based on the current state.

They will also use key risk indicators and IT general controls (ITGC) to support the assessment of system designs, data privileges/access and the entire supply chain related to a business system.

The VP of IT Governance, Risk & Compliance possesses a strong compliance and audit background and understands risk mitigation and technical controls.

They are also expected to lead teams that perform some technical work, and must possess leadership qualities.

This position requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level.

The role requires the ability to speak confidently in front of large groups and with corporate management, vendors and service providers.

The VP of IT Governance, Risk & Compliance also contributes to the company IT security strategy and roadmap.

Main responsibilities:

  • Support internal audit department practices and processes with detailed reporting and accompanying technology recommendations.
  • Work closely with audit and security leadership to ensure cybersecurity and audit policies and practices as defined in global and industry standards are aligned with an appropriate level of risk.
  • Retain expertise in one or more compliance standards, including Sarbanes-Oxley Act (SOX), Payment Card Industry (PCI), Service Organization Control 1 & 2 (SOC), National Institute of Standards and Technology (NIST) and International Standards Organization (ISO) 27001.
  • Be actively informed and engaged in upcoming and completed security projects across the business.
  • Enforce a strong security culture mindset set forth by risk management, ensuring uniformity across technical teams, business units and employees.
  • Foster strong relationships with internal business units and excel in risk management, technical controls and cybersecurity communication.
  • Engage with critical third parties and validate adequate controls are in place.
  • Specify guidance on key risk indicators and ITGC testing methodology, validation and alignment with policies and documentation.
  • Persuade IT and security teams to adopt cybersecurity controls.
  • Help uncover, validate and document deficiencies in risk management, technology and cybersecurity practices.
  • Serve as a point of contact and liaison with external examiners for assessments throughout the year and at end-of-year evaluations.
  • Deliver presentations to management explaining audit findings and recommendations for corrective action that are operationally feasible, within budget and team skillset.
  • Stay abreast of new laws, regulations and standards, and assess their impact to the business.
  • Travel as needed to office locations and third-party on-site engagements.
  • Provide disaster recovery and business continuity planning advice when working with leaders for business and cybersecurity resiliency.
  • Support and guide the information security risk management program and be knowledgeable in various risk assessment methodologies within the business unit.

Qualifications and Education Requirements

Bachelor's degree in computer science, information assurance, or related technical field or business administration.

At least 10+ years’ IT or cybersecurity experience (or IT coupled with cybersecurity), with at least 5+ years in an IT and/or Information Security compliance and audit operationally focused role (e.g. PCI DSS, SOX, SSAE18, GDPR, etc.) and minimum of 3-5 years in a team lead or supervisor role.

At least 3 years’ experience working with business leadership and enterprise projects.

Strong project management, multitasking and organizational skills.

Applicable knowledge of national and global cybersecurity policies, regulations and security frameworks.

Capable of working with diverse teams and promoting an enterprise-wide positive security culture.

Adept at understanding business focus and processes and ability to inject cybersecurity into the business through teamwork and influence.

High level of integrity, trustworthiness and confidence to represent the company and risk management leadership with the highest level of professionalism.

Preferred Skills

Current certifications such as CISSP, CISA, CRISC, CISM or other relevant certification.

Self-starter requiring minimal supervision.

Highly organized and efficient.

Excellence in communicating compliance, business risk and remediation requirements from assessments.

Demonstrates strategic and tactical thinking, along with decision-making skills and business acumen.

Additional Notes 

Ideal candidates will be self-starters who can manage multiple projects/initiatives at once, with experience in multiple information security management and monitoring tools as well as navigating a variety of industry and international regulatory frameworks.

Work in a fast-paced, global, and highly technical environment.

FLEETCOR’s COVID-19 Hiring Guidelines:

Due to COVID-19, most of our employees are temporarily working from home.

In addition, FLEETCOR implemented a virtual interviewing and hiring process, engaging with talent by phone or video and onboarding new employees remotely.

We value the safety of each member of our community because we know we’re all in this together.

Equal Opportunity/Affirmative Action Employer:

FLEETCOR is an Equal Opportunity Employer.

FLEETCOR provides equal employment opportunities to all employees and applicants without regard to race, color, gender (including pregnancy), religion, national origin, ancestry, disability, age, sexual orientation, gender identity or expression, marital status, language, ancestry, genetic information, veteran and/or military status or any other group status protected by federal or local law.

If you require reasonable accommodation for the application and/or interview process, please notify a representative of the Human Resources Department.