IT Compliance Manager

The IT Compliance Manager is responsible for managing IT Compliance requirements in NXP IT. Key activities include helping to create and maintain NXPs IT General Control environment (ITGC) across all in scope SOX systems and performing various compliance assessments for Information Security, AI and Sustainability (ESG) compliance. This position will help ensuring that all key IT control objectives are in place and operating, help coach control owners on changes that need to be made in the event a control is not operating and designing remediation plans. Candidates must have direct “hands-on” experience in IT (SOX) audits, performing various compliance assessments, and have a sound understanding of IT Compliance requirements is a must. Effective stakeholder communication and coaching is pivotal in this role as well the ability to manage change and apply a mindset of driving activities to closure. This is a cross-functional role, working closely with all IT groups across NXP and other functional (business) teams to ensure controls and compliance requirements are clearly defined and implemented. Candidates must be able speak both technical and business language interchangeably.

You will report to the IT Audit & Compliance Director in IT-Information Security. The position is part of the ‘Audit and Compliance’ division in IT-Information Security, a team consisting out of 6 audit/compliance professionals.

Location : This is a full-time position based in either Austin or Eindhoven.

Responsibilities

• Proactively advise on IT risks, maintaining the IT control environment, policies and overall framework
• Perform compliance assessments on compliance requirements such as NIS2 and using reference frameworks such as NIST SP800/53, NIST CSF and NIST AI framework and identify potential gaps and improvement opportunities and drive the gaps/improvement opportunities to closure
• Identify, assess and advise on compliance risks and implementation of IT controls
• Design IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls
• Drive the creation of remediation solutions and/or exception documentation to closure
• Assists application teams with the creation and implementation of IT control objectives/be key point of contact for the global IT teams across all IT domains
• Serves as the subject matter expert and point of contact to Internal and External Auditors.
• Works with key IT vendors / partners on coverage / quality of SOC1 reports
• Works closely with Corporate Controllership department in Finance
• Role as subject matter expert in new projects such as implementation of new (SaaS) solutions to ensure compliance objectives are met as part of the project process.

Required

• Bachelor’s degree in Accounting, Business, Law, Information Technology or Computer Science preferred or equivalent experience.
• Minimum of 5-7 years’ work experience in IT Risk Management, Information Security Compliance, IT Compliance, SOX compliance and auditing with a strong background in IT controls.
• RE, CISA, CISM – certified or equivalent is a pre
• A background in auditing SAP and other IT controls along with automated and business process controls.
• Technical knowledge of IT landscapes and roadmaps
• Strong understanding of Sarbanes-Oxley (SOX), NIS2 and other IT compliance requirements that may impact compliance as well as key reference frameworks such as NIST CSF and NIST SP800/53
• Experience with controls automation
• Strong conceptual, analytical, problem-solving, troubleshooting and resolution skills.
• Mindset of driving activities to closure and taking ownership
• Strong coaching and presentation skills

More information about NXP in the United States...

NXP is an Equal Opportunity/Affirmative Action Employer regardless of age, color, national origin, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, marital status, status as a disabled veteran and/or veteran of the Vietnam Era or any other characteristic protected by federal, state or local law. In addition, NXP will provide reasonable accommodations for otherwise qualified disabled individuals.