IT Risk Management and Compliance Lead at Baker Hughes in Houston, TX
Join our Digital Technology Team! We operate at the heart of the digital transformation of our business. From Digital Engineering to enabling employee success, the Digital Technology (DT) team is driven to provide the best products and services. We collaborate with the business and DT teams to ensure the highest standards of compliance are met. Partner with the best The IT Risk Management and Compliance Lead works collaboratively within a team to support the DT's compliance function in the development and implementation of strategic goals that drive compliance with various IT controls (e.g., SOX, Data Privacy, NIST 800-53, ISO 27001, ISA 62443) associated to regulatory, statutory, company or contractual obligations. As an IT Risk Management and Compliance Lead you will:
Leading portions of compliance programs and act as a central point of contact and subject matter expert on specific areas/applications to ensure appropriate internal controls for the enterprise, operational technology (OT) or product security Providing oversight and guidance for periodic control reviews to ensure compliance with information security policies and established security controls Responsible for the collaboration with management on the on-going compliance control programs as well as potentially leading testing coordination efforts between external/internal auditors and internal Business Controllership Stakeholders and Information Technology owners Maintaining on-going communication with the business, external/internal auditors as it relates to alignment on audit planning, walkthroughs/testing, audit requests, impact assessments, and deficiency evaluation of IT controls (e.g., SOX, Data Privacy, NIST 800-53, ISO 27001, ISA 62443) Developing metrics and compliance dashboards to monitor and measure effectiveness of security controls, and communicate progress in reducing risk Partnering with IT and the business, focusing on areas of highest IT and cyber risk, to continuously improve on controls or automate compliance activities Delivering timely and concise communication, including developing and producing management reports, illustrating status, trends, and action plans Educating Business Process and Information Technology control owners by leading training sessions and focus sessions to demonstrate compliance requirements and share hot topics Working with project teams on verification of controls prior to migration to production, as applicable. Fuel your passion To be successful in this role you will:
Have 5
years of combined experience in an IT risk management, IT compliance or IT audit role Have experience in project management practices, tooling, and managing projects through the SOX, GDPR, and/or NIST/ISO 27001/ISA 62443 lifecycle Have knowledge of COSO/COBIT framework and experience applying the framework in a manner that supports SOX, GDPR, and/or NIST/ISO 27001 compliance and operational efficiencies Have experience with a major governance, risk and compliance (GRC) tool, such as Archer or Service Now Have experience in ITGC/GITC audits including interfaces, control reports configurable controls Have experience with leveraging data analytics to perform targeted sampling techniques and using automation for continuous monitoring Have technical ERP knowledge on one or more major ERP package, such as Oracle EBS, SAP, and Hyperion systems Have demonstrated track record of technical expertise with one or more SOX, GDPR, and/or NIST/ISO 27001/ISA 62443 Have Information security certifications (CISSP, CISM, CISA, etc.) Have an ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:
Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect:
Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits
Salary Range:
$80K -- $100K
Minimum Qualification
Auditing & Compliance, Risk & Quantitative AnalysisEstimated Salary: $20 to $28 per hour based on qualifications.
Leading portions of compliance programs and act as a central point of contact and subject matter expert on specific areas/applications to ensure appropriate internal controls for the enterprise, operational technology (OT) or product security Providing oversight and guidance for periodic control reviews to ensure compliance with information security policies and established security controls Responsible for the collaboration with management on the on-going compliance control programs as well as potentially leading testing coordination efforts between external/internal auditors and internal Business Controllership Stakeholders and Information Technology owners Maintaining on-going communication with the business, external/internal auditors as it relates to alignment on audit planning, walkthroughs/testing, audit requests, impact assessments, and deficiency evaluation of IT controls (e.g., SOX, Data Privacy, NIST 800-53, ISO 27001, ISA 62443) Developing metrics and compliance dashboards to monitor and measure effectiveness of security controls, and communicate progress in reducing risk Partnering with IT and the business, focusing on areas of highest IT and cyber risk, to continuously improve on controls or automate compliance activities Delivering timely and concise communication, including developing and producing management reports, illustrating status, trends, and action plans Educating Business Process and Information Technology control owners by leading training sessions and focus sessions to demonstrate compliance requirements and share hot topics Working with project teams on verification of controls prior to migration to production, as applicable. Fuel your passion To be successful in this role you will:
Have 5
years of combined experience in an IT risk management, IT compliance or IT audit role Have experience in project management practices, tooling, and managing projects through the SOX, GDPR, and/or NIST/ISO 27001/ISA 62443 lifecycle Have knowledge of COSO/COBIT framework and experience applying the framework in a manner that supports SOX, GDPR, and/or NIST/ISO 27001 compliance and operational efficiencies Have experience with a major governance, risk and compliance (GRC) tool, such as Archer or Service Now Have experience in ITGC/GITC audits including interfaces, control reports configurable controls Have experience with leveraging data analytics to perform targeted sampling techniques and using automation for continuous monitoring Have technical ERP knowledge on one or more major ERP package, such as Oracle EBS, SAP, and Hyperion systems Have demonstrated track record of technical expertise with one or more SOX, GDPR, and/or NIST/ISO 27001/ISA 62443 Have Information security certifications (CISSP, CISM, CISA, etc.) Have an ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner Work in a way that works for you We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:
Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive Working with us Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other. Working for you Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect:
Contemporary work-life balance policies and wellbeing activities Comprehensive private medical care options Safety net of life insurance and disability programs Tailored financial programs Additional elected or voluntary benefits
Salary Range:
$80K -- $100K
Minimum Qualification
Auditing & Compliance, Risk & Quantitative AnalysisEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
