The Manager of Assurance & Advisory will be part of a global function and help lead the organization’s various information security audit, regulatory compliance, enterprise risk management, and data protection initiatives. This individual will work within the Global Assurance & Advisory function whose responsibility is to collaborate with internal and external stakeholders to ensure controls are in place to meet information privacy, security, regulatory and contractual requirements, and to manage enterprise risks at acceptable levels. The individual should be well-grounded in leading practices in cybersecurity, to assist in sustaining a secure and compliant enterprise. Key responsibilities include managing and facilitating internal and external audits related but not limited to the following frameworks: PCI DSS, ISO 27001, ISO 22301, ISO 20000, ISO 9001, and data protection regulations. The individual will also assist in facilitating applicable third-party audits and evaluations of Ensono. This position is key to overseeing our organization’s deployment of controls and adherence to applicable requirements to help manage risk. The fundamental objective is to provide reliable assurance to our internal and external stakeholders that Ensono is doing the right things to safeguard the enterprise, and well positioned to continuously deliver on its obligations.

What you will do:

• Manage and oversee the maintenance of technical and organizational controls across multiple technology platforms and diverse system environments within scope of our industry certifications and attestations (ISO, PCI DSS, SOC 1 & 2[SSAE 18] etc.)
• Manage our ISO certificate maintenance activities (this includes ISO 27001, 22301, 20000, and 9001)
• Perform periodic reviews of compliance with internal standards
• Provide guidance on framework-based information security and data protection/privacy requirements
• Support enterprise and third-party risk management, including conducting risk assessments, maintaining an enterprise risk register and the application of remedial actions
• Facilitate internal and external audits and work directly with clients and their auditors
• Identify process gaps and assist with the plans for remediation
• Participate in strategic planning and design of controls, and continuous improvement
• Work with business units to understand key controls and processes
• In an advisory capacity, lead and provide guidance to teams to achieve desired results on a range of issues related to data protection, information security, risk management, regulatory compliance, product ideation and go-to-market initiatives

What you will need:

• Knowledge of leading practices in information security and governance frameworks
• Experience in performing audits, privacy and security risk assessments
• Experience in working with auditors and facilitating audits
• Knowledge of data protection and privacy regulations, including but not limited to HIPAA, GDPR, etc.
• IT process knowledge in areas such as user access management, change control, incident management, networks, systems operations, security, compliance and risk management
• Understanding of control concepts and processes
• Strong client relationship and interpersonal skills
• Excellent written and verbal communication skills
• 4-year Bachelor’s degree in computer science, information security, information technology or related fields (years of experience will be considered)
• Preferred: Maintains 1 or more professional certifications such as CISA, CISSP, CISM, CRISC, CGEIT, CIPP/T, QSA/ISA
• Honesty, curiosity, reliability, passion and collaboration – the foundation of Ensono’s culture

What will set you apart:

• Knowledge of the GDPR, HIPAA and other international data protection and privacy regulations
• Advanced degree in technology, information security or related fields
• Technical background or training in IT business systems
• Prior related consulting experience in cybersecurity, privacy or compliance
• General knowledge of technology outsourcing methodologies, operations and cloud computing

Primary Location City/State:

Downers Grove, IL - Finley, Illinois

Additional Locations (if applicable):

Ensono is an Equal Employment Opportunity Employer. Ensono provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status, or genetic information.