Manager of Risk, Compliance, and Governance

Are you ready to drive cybersecurity compliance and governance strategies for a Fortune 200 Company with some of the most iconic brands? If you have a passion for risk management, a strong background in IT compliance, and the ability to thrive in a fast-paced environment, we want to hear from you! We are currently seeking a Manager of Risk, Compliance, and Governance to join our Enterprise Technology group.

While this role offers the flexibility of remote work, you will have the opportunity to collaborate with teams in Richmond, VA, and occasional travel to the area will be required.
The role will play a pivotal role in ensuring the delivery of high-quality security compliance and audit results, supporting SOX control owners/operators, and driving the execution of IT compliance strategies that align with organizational goals.
In this role, you will partner closely with Corporate Audit, Business Information Security Officers, and the broader IT Risk Management team.

You will be responsible for conducting annual assessments, overseeing disaster recovery governance, and collaborating with corporate audit teams to ensure compliance with policies and standards.

Your ability to build strong relationships with internal and external partners, deliver business value, and enable the achievement of compliance objectives will be key to your success.What you will be doing:
• Partnering with control owners to build, update, and implement controls across applicable domains (AI, PII, SOX, PCI, HIPAA, etc.).
• Assessing compliance framework & strategy to support technology alignment with company's business strategy.
• Establishing and maintaining disaster recovery (DR) governance, ensuring on-going completeness and accuracy of disaster recover documentation (e.g., DR plans and procedures)
• Validating business impact assessments of all applications in the Altria environment for disaster recovery
• Serving as a liaison for steady-state SOX control assessments.
• Working closely with Security Controls and Compliance team to ensure controls are implemented or modified effectively throughout the SDLC for in-scope SOX systems/tools; support annual testing of controls.
• Conducting technical controls, compliance and resiliency assessments to determine effectiveness in protecting systems and data.
• Establishing and maintaining compliance standards, patterns and guidelines that optimize Altria's business operations.
• Building and overseeing the usage of compliance and controls metrics and dashboards, driving a value approach to utilization across portfolio delivery, and briefing senior leaders.
• Partnering with Corporate Audit and audit liaison functions to support remediation of internal and external auditors' management action plans and minimize findings.We want you to have:
• Bachelor's degree or equivalent experience in an IT-related subject area
• 8+ years of experience in the information technology field specializing in security contro...