Manager IT Risk & Compliance at Paylocity
Don't just land a job. Launch your future.
Our all-in-one software platform gives HR pros a way to easily manage daily tasks in payroll, benefits, talent, and workforce management.
But what makes us different is that our technology is backed by a culture that cares. We care about our team members, clients, and partners - because people matter most. And people have always been at the heart of our business.
Since our founding in 1997, this is the thing that's stayed the same, from our employees to the millions of users nationwide that access our platform. We pride ourselves on partnering with our clients to build the workplace they and their employees crave.
Let's go forward together.
As a Manager - IT Risk & Compliance, you will lead a team of risk and compliance analysts in driving the transformation of the company's IT risk and compliance program by supporting the execution of internal and external assessments associated with current and emerging regulations and standards. The person in this key role will report to a Director and manage projects of varying complexity collaborating with professionals across the organization to understand existing IT policies, procedures and processes and provide insights related to applicable risk areas, mitigations, process improvements, and control recommendations.
Reports To: Director, Product & Tech
The below represents the primary duties of the position, others may be assigned as needed. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Assess compliance with policies, standards, and regulations through the management and performance of risk assessments and controls evaluations and formulate recommendations related to non-compliance areas requiring remediation.
- Manage overall support of internal and external audits with IT and business process owners related to SOX, SSAE 18 (SOC), ISO27001, and HIPAA.
- Monitor existing risk and controls framework for emerging risks including evaluating applicability to the company and providing control recommendations, where applicable, to align with the company's risk tolerance level.
- Assist with the development of management action plans related to non-compliance and at-risk areas and manage to completion including periodic reporting to key stakeholders.
- Identify improvement opportunities and provide recommendations to further mature existing IT processes and controls to align with best practices including use of automation and optimization.
- Serve as a subject matter resource to assess compliance implications related to technical implementations and other IT projects and manage execution of pre-implementation reviews.
- Design continuous controls monitoring program utilizing GRC solution, dashboards, analytics, automation, and other supporting tools.
- Prepare ongoing reports with specified metrics/key performance indicators related to compliance activities, audit results, remediation plans, and other compliance efforts and present to IT and executive management.
- Provide input into enhancement of corporate IT policies and procedures in line with regulatory and organizational requirements.
- Assist in educating and training individuals across the organization including control and process owners related to compliance concepts, requirements, and responsibilities and establish awareness regarding role of the overall risk and compliance function.
- Minimum of 6 years progressive experience ideally with a Public Accounting firm, Software-as-a-Service (SaaS), or Technology company in one or more of the following areas: IT Compliance, IT Audit, IT Risk Management, and IT Governance
- Bachelor's degree in Information Security, Computer Science, Information Systems, Information Assurance or Accounting
- Extensive knowledge and experience with regulatory frameworks and compliance standards such as SOX, SSAE 18 (SOC), COBIT, NIST, ISO, HIPAA, CMMC, etc.
- Experience with performing technical risk assessments, analyzing risk, and providing recommendations on risk mitigation strategies in cloud and on-premises environments
- Experience working and collaborating effectively with executives, technical subject matter experts, and internal/external auditors to navigate risk management complexities and drive organizational compliance
- Experience with the monitoring and evaluation of technology processes and controls including design and operating effectiveness testing and reporting on results and recommendations
- Strong verbal and written communication skills in interacting with technical and non-technical individuals across the business and third parties
- Strong project management and organizational skills with demonstrated ability to complete assignments timely and effectively
- Possess one or more of the following professional designations: CISA, CISSP, CRISC, CGEIT, CISM, CPA
- Strong verbal and written communication skills in interacting with technical and non-technical individuals across the business and third parties.
Our journey forward.
Paylocity strives to create an organizational culture where every employee has a voice, feels truly welcome, appreciated, and free to be themselves, and is empowered and enabled to do their best work. A strong commitment to diversity, equity, and inclusion is critical to creating such a culture.
We've made great strides to support diversity, equity, and inclusion. That being said, we realize there's still room for improvement. Our current focus is on the following initiatives:
- Education & Awareness
- Client Community
- Company Representation
- Advocacy & Support
- Fairness & Equality
- PCTY Gives
This job description has been written to provide an accurate reflection of the current job and to include the general nature of work performed. It is not designed to contain a comprehensive detailed inventory of all duties, responsibilities, and qualifications required of the employees assigned to the job. Management reserves the right to revise the job or require that other or different tasks be performed when circumstances change.
This role can be performed from any office in the US. The pay range for this position in Colorado is?$109,800 -162,880 /yr; however, base pay offered may vary depending on job-related knowledge, skills, and experience. This position is eligible for an annual bonus and restricted stock unit grant based on individual performance in addition to a full range of benefits outlined here. This information is provided per the Colorado Equal Pay for Equal Work Act. Base pay information is based on market location. Applicants should apply via www.paylocity.com/careers.