Job Description Summary

This “Sr. IT GRC Assurance Engineer” role provides advanced IT and security engineering depth & breadth to perform hands-on technical designs, implementation & management of Information Security and IT controls that result in rigorous information assurance, regulatory compliance (SOX), and the confidentiality, integrity, and availability of Lamb Weston's most critical assets.
- This engineer will perform the Risk Assessment of end-to-end environments, perform hands-on technical solution design engineering, and oversee the implementation of the Risk Treatments and Controls that mitigate risk exposures, with emphasis on SOX compliance success.
- Quarterly, provide quality assurance on management's control procedures to assess compliance with Sarbanes-Oxley.
- This role will consult & educate IT organizations & Lamb Weston Business Units to enable their design, implementation, monitoring & management of associated security & IT controls to ensure all varieties of compliance.
- This role will author Policies, Standards, & Specifications/Procedures required to fulfill all forms of associated Governance & Compliance.
- This engineer will perform compliance activities that include interviewing Control Owners and randomly performing ad-hoc hands-on audits accessing systems & controls to ensure verification, i.e. Trust but Personally Verify.
- Develop dashboards for and provide reports on a regular basis to keep the IT Leadership & Management Team, IT GRC Management Team, and appropriate Business Unit Senior Management informed of compliance efforts.
- Partner with internal and external audit team members to provide a streamlined control walkthrough and evidence gathering process.
- As appropriate, partner with IT and Business Unit colleagues to remediate associated Control events and incidents. This could occur outside of traditional business hours.
- Bachelor's degree required in Information Technology, Information Security, associated field of study, or equivalent professional experience
- 5+ years of experience attaining & maintaining Sarbanes-Oxley (SOX) compliance required
- 5+ years of experience as an IT/SOX/Security Auditor
- 3+ years of experience with SAP
- 5+ years of experience engineering IT & Information Security Controls; emphasis on SOX
- CISA, CRISC, or CISSP certification preferred