IT Compliance & Application Security Manager

This is a Full-Time / Permanent Position. You will be directly working with an end client for this position. The interview process will be initiated as soon as possible. We are excited to hear back from you. Job Description Role: IT Compliance & Application Security Manager Location: Memphis is preferred but Remote is fine Job Type: Full Time / Perm / Direct Hire Salary: Base + annual bonus ($20K – $25K) Position Summary: The IT Compliance & Application Security Manager is responsible for leading and coordinating IT compliance initiatives, with a strong focus on Sarbanes-Oxley (SOX) and cybersecurity requirements. This role ensures that IT controls are effectively designed, documented, and executed in alignment with regulatory standards and audit expectations. This position plays a critical role in identifying risks, implementing cybersecurity best practices, and maintaining a robust control environment across both financial and non-financial systems. Technical Skills & Competencies Application Security, IT Controls & Frameworks Deep knowledge of ITGCs, application controls, and frameworks (COSO, COBIT, NIST). Experience in change management, access management, and system operations. Audit Methodologies & Standards Familiarity with PCAOB, ISACA, and other audit standards. Experience working with internal/external auditors (Big Four experience is a plus). Regulatory & Compliance Knowledge Strong understanding of SOX (especially Section 404), GDPR, HIPAA, PCI-DSS. GRC Tools Proficiency in SAP GRC and other GRC platforms for control monitoring and reporting. Cybersecurity Fundamentals Knowledge of ISO 27001, NIST CSF, incident response, and vulnerability management. Data Analysis & Reporting Ability to analyze logs, metrics, and audit findings. Proficiency in Excel, Power BI, or similar tools for reporting. Key Responsibilities Control Framework Ownership Develop and maintain application-specific control matrices (e.g., SoD, secure development, identity lifecycle, privileged access). Ensure alignment with frameworks such as COSO, COBIT, and NIST. Policy Implementation & Oversight Translate enterprise security policies into actionable control requirements. Ensure consistent implementation across centralized (e.g., SAP GRC) and decentralized platforms. Partner with internal software development teams to promote secure coding practices and integrate security checkpoints within CI/CD pipelines. IAM & SoD Governance Develop governance over identity provisioning, role design, and segregation of duties enforcement. Coordinate exceptions and remediation plans in collaboration with IAM and audit teams. Metrics & Reporting Define and report on KPIs/KRIs related to control effectiveness and risk posture. Deliver dashboards and reports to senior leadership and risk committees. Cross-Functional Collaboration Partner with application owners, cybersecurity architects, GRC analysts, and vendors to ensure compliance coverage. Policies, Procedures, and Documentation Develop and maintain IT compliance policies and procedures. Ensure documentation meets audit standards and reflects current operations. Education, and training, develop and train application and system owners on their responsibilities and self-assessment for security controls. Interpersonal Skills Collaboration & Teamwork: Effective cross-functional collaboration. Communication: Clear articulation of technical concepts to non-technical stakeholders. Leadership & Influence: Ability to drive compliance initiatives and gain organizational buy-in. Adaptability: Flexibility in navigating regulatory and technological changes. Strategic Thinking: Alignment of compliance efforts with business objectives. Proactive Mindset: Anticipation of risks and continuous improvement. Qualifications Minimum 5 years of experience in IT compliance, audit, or cybersecurity roles. Fluent in English. No travel required. Core Competencies Courageous Trustworthy Inclusive & Collaborative Business Savvy Operational Excellence