IT Control Compliance and Assurance Manager

Averis Sdn Bhd

Kuala Lumpur

On-site

MYR 80,000 - 110,000

Full time

Yesterday

Job summary

A leading consulting firm in Kuala Lumpur is seeking an IT Control Compliance & Assurance Manager to oversee IT compliance programs across its operations. This role involves conducting IT compliance assessments, ensuring adherence to IT general controls and standards, and providing independent assurance to drive improvement in controls. Candidates should possess a Bachelor’s degree and at least 5 years of relevant experience in IT audit or compliance, along with strong analytical and communication skills.

Qualifications

  • At least 5 years’ experience in IT audit, IT compliance, internal audit, risk management, or related role.
  • Solid understanding of IT control frameworks and standards (e.g. COBIT, COSO, ISO/ISO-27001).
  • Strong analytical, problem-solving and risk-assessment skills.

Responsibilities

  • Perform IT General Control Assessments and Independent Assurance.
  • Conduct IT Compliance Assessments and IT Practice Audits.
  • Monitor compliance & policy adherence against security standards.

Skills

IT audit
IT compliance
risk management
analytical skills
communication skills

Education

Bachelor’s degree in Information Technology / Computer Science / Information Systems / Cybersecurity / Business

Tools

audit data analytics tools
log analytics tools

Job description

IT Control Compliance & Assurance Manager

The IT Control Compliance & Assurance Manager will be responsible for planning, executing, and overseeing IT Control Compliance & Assurance programs across the company’s operations. This includes evaluating IT general controls (ITGC), application controls and compliance with relevant industry and internal standards.

This role also conducts IT compliance assessments and IT practice audits to evaluate the maturity, effectiveness, and consistency of IT practices to drive measurable improvement in control posture across sites.

Key Responsibilities
  • IT General Control Assessment & Independent Assurance
    • Perform design and operating effectiveness assessments for key ITGC domains:
      • Patch & Vulnerability Management
      • Configuration Baselines / Hardening
      • SDLC & Release Management
    • Validate that LoD 1 maintains evidence, logs, tickets, and control documentation.
    • Evaluate the design and operating effectiveness of IT controls.
  • Pre-Project Implementation Audit and Audit Readiness Checks
    • Perform pre-project implementation audits for significant IT initiatives prior to go-live or major deployment.
    • Provide independent assurance and recommendations to project teams and control owners to address control gaps early in the project lifecycle.
    • Conduct pre-audit walkthroughs with control owners.
    • Verify completeness and quality of evidence before Internal Audit/External Audit testing.
    • Identify gaps early and ensure timely remediation.
  • IT Compliance Assessments and IT Practice Audit
    • Plan and perform periodic IT compliance assessments across operational locations.
    • Assess site-level adherence to:
      • IT General Controls (ITGC)
      • Security, operational controls and standards
    • Control design effectiveness, operating effectiveness, and consistency of execution across sites.
    • Identify systemic weaknesses, location-specific gaps, and recurring control failures.
    • Conduct risk-based IT practice audits focusing on how LoD 1 executes day-to-day IT practices.
    • Translate findings into clear, actionable improvement recommendations.
  • Compliance & Policy Adherence Monitoring
    • Perform periodic compliance reviews against:
      • Security standards
    • Flag non-compliance and escalate unresolved issues.
Required Qualifications & Skills
  • Bachelor’s degree in Information Technology / Computer Science / Information Systems / Cybersecurity / Business or related field.
  • At least 5 years’ experience in IT audit, IT compliance, internal audit, risk management, or related role.
  • Solid understanding of IT control frameworks and standards (e.g. COBIT, COSO, ISO/ISO-27001, general ITGC and application control concepts).
  • Strong analytical, problem-solving and risk-assessment skills; ability to identify control gaps and propose practical remediation actions.
  • Excellent written and verbal communication skills — able to produce clear compliance and assurance reports and communicate findings to technical and non-technical stakeholders at all levels.
Preferred / Additional Qualifications
  • Professional certifications such as CISA, CISM, CRISC, or ISO-27001 Lead Auditor are a strong plus.
  • Prior experience working in manufacturing, industrial, or production-oriented organizations — understanding of the interplay between IT systems and production/operations.
  • Experience with audit or compliance tools/software, data analytics tools (e.g. audit data analytics, log analytics), and ability to work with cross-functional teams.