IT Governance Risk and Compliance (GRC) Manager
Responsible for the facilitation of IT risk management processes. Collaborates cross-functionally to help mature and execute the IT Risk processes which include; governance, risk assessment, risk analysis, risk metrics, risk reporting, technology enablement, maintenance of the risk taxonomy, and organizational integration.
- Identifies, analyzes, and evaluates risk through the use of an assessment methodology and procedures for the company’s assets, relationships, processes, and functions associated with IT risk.
- Provides targeted and quantifiable reporting of IT Risk Management activities, including all aspects of the metrics/reporting lifecycle management. Collaborates with all technology groups, lines of business, and corporate functional areas to define, gather and analyze metrics. Provides targeted reporting to all levels of IT and Business management.
- Maintains a customized process, risk and control framework to improve the organization’s IT risk profile by aligning with regulatory, leading practices and internal requirements.
- Coordinates and communicates IT risk-related activities among key stake holders. Integrates and coordinates risk intelligence artifacts to gain efficiencies and reduce redundancy.
- Monitors key risk indicators (KRIs) and key performance indicators (KPIs)
- Ensures continual alignment to the business and IT strategy through its oversight of the IT Risk Management framework and processes.
- Executes, maintains, oversees technology or GRC (governance, risk and compliance ) tools with the goal of improving efficiency, reducing costs, improving agility and optimizing information technology governance, risk, and controls management processes, while providing the business a more defined view into technology risk.
- Understands the business organizational structure and culture to best attain objectives and results.
Walgreens, one of the nation's largest drugstore chains, is included in the Retail Pharmacy USA Division of Walgreens Boots Alliance, Inc., the first global pharmacy-led, health and wellbeing enterprise. More than 10 million customers interact with Walgreens each day in communities across America, using the most convenient, multichannel access to consumer goods and services and trusted, cost-effective pharmacy, health and wellness services and advice. Walgreens operates 8,175 drugstores with a presence in all 50 states, the District of Columbia, Puerto Rico and the U.S. Virgin Islands. Walgreens omnichannel business includes Walgreens.com. Approximately 400 Walgreens stores offer Healthcare Clinic or other provider retail clinic services.
As the neighborhood drugstore and retailer, our goal is to make health and happiness simpler, easier and within reach. And we remain a trusted wellness provider offering convenient access to important health services, such as immunizations and an array of pharmacy services that can help patients improve their health. To our team members, Walgreens represents a unique opportunity to excel in their careers in a welcoming and inclusive environment. We offer the chance to work in a truly supportive environment, and be a part of a progressive organization dedicated to the well-being of our customers, team members and the communities we all call home.
- Bachelor’s Degree and at least 5 years of experience in IT.
- At least 5 years of experience with IT compliance, IT Risk, and/or IT audit.
- At least 5 years of experience working with cross-functional teams.
- Willing to travel at least 5% of the time for business purposes (within state and out of state).
- Master’s Degree or MBA
- CISA (Certified Information Systems Auditor) OR CRISC (Certified in Risk and Information System Control) OR CGEIT (Certified in Governance of Enterprise IT)
- Experience communicating and presenting both verbally and in writing to various audiences, including committees, large groups, senior management, and executive leadership.
- Experience with all aspects of regulatory and contractual compliance, especially Payment Card Industry (PCI), Sarbanes Oxley, and Health Information Portability and Accountability Act (HIPAA) requirements for as they relate to IT.
- Experience with IT process, risk and control frameworks, such as COBIT, ISO 27001, ITIL, Risk IT.