Manager of IT Compliance

Company Name:
This person is responsible for managing Belk IT's Compliance Program, with day-to-day responsibility for overseeing execution of applicable Information Security, Sarbanes Oxley (SOX), Payment Card Industry Data Security Standard (PCI DSS), and other regulatory requirements.
Directs, manages, plans and administers the operational and administrative activities of the IT Compliance staff and those in infrastructure supporting IT General Controls, SDLC, and Audits.
Leadership position and/or role in managing large-scale programs/projects is beneficial. Work experience at a major retailer a plus.
Essential Functions/Responsibilities: May include any and/or all of the following:
Partner with the business to execute the requirements of the Compliance Program to promote quality and provide regulatory and compliance guidance.
Interface with internal departments as appropriate such as IT/Delivery, Legal Department, Risk Management, Operations, Internal Audit, and others.
Develop and assure the execution of compliance monitoring and testing programs pursuant to Compliance guidelines to independently assess compliance activities.
Provide guidance on development and implementation of policies and procedures.
Work closely with members of the SOX Committee to ensure all parties are aware of key issues and risks; recommend monitoring and other controls to mitigate risks.
Manage multiple priorities and establish and adhere to the work plan/program.
Strong background with information technology concepts, risks and internal controls, as well as a senior management presence and the ability to successfully engage with all levels of the organization including the senior leadership to achieve compliance objectives.
Help identify evolving risks affecting business activities and changes to internal controls.
Develop and maintain cooperative, collaborative and productive team-driven relationships between the internal departments and Compliance Department.
Draft the annual Compliance Plan, socializing it with and engaging Senior IT Leadership.
Program Management
Responsible for overall Program Schedule and Program Metrics
A monthly Cadence Report will be developed to include all PCI DSS and SOX control deliverables. Report will include control owner, frequency of control execution, target deliverable date, and evidence required.
Position is responsible for leading the organization through all PCI DSS and SOX-related certification and remediation work.
Participate in new product development initiatives or modifications to existing products, services and business processes.
Provide independent compliance risk assessment of new products and changes to existing products, services and processes.
Conduct thorough due diligence reviews and prepare reports and recommendations regarding potential new products, services, transactions, and other activities, as well as regulatory examinations.
Escalate compliance concerns on a timely basis to Director Information Security and, if applicable, Vice President Shared Services to communicate issues and identify/implement mitigation strategies.
Issue resolution.
Partner with internal departments to identify appropriate solutions to resolve or mitigate compliance weaknesses, failures and issues on a timely basis.
Provide independent reporting to management on the status of compliance issue resolution.
Demonstrated ability to effectively assess risks/conflicts at the macro and micro level and to focus efforts on critical issues.
Track the status of identified issues, verify the effectiveness of corrective action, and report status of outstanding issues, escalating concerns as required.
Demonstrated ability to communicate well in writing with senior leaders and colleagues, and to spot issues.
Ensure appropriate compliance training is delivered to appropriate personnel.
Proactively draft and implement required compliance policies, procedures, alerts and training materials to keep employees abreast of relevant industry, legislative and regulatory requirements and developments.
Oversee and track specialized compliance training for personnel.
Provide regulatory guidance during training material development.
Personnel management.
Influence a team responsible for independent oversight of compliance programs, policies and procedures.
Promote effective communications and information exchange across the organization, functional areas and with the Compliance team.
Demonstrated aptitude for establishing and maintaining effective and trusted relationships within a business and across an enterprise.
Requirements/Qualifications:
o 10+ years regulatory or compliance management, audit or operational risk experience;
o Operational knowledge of a large retail organization is strongly preferred;
o Significant experience with Sarbanes Oxley and PCI DSS certification procedures;
o Practical experience with Control Objectives for Information and Related Technology (COBIT), and/or other IT management and IT governance frameworks;
o Technology and process solution-oriented; familiarity with Microsoft Excel, PowerPoint and Word is key to daily work;
o Strong verbal and written communication skills;
o Ability to drive change efficiently and collaboratively across an organization.
For reasonable accommodation information for an ADAAA qualified disability, please see the Belk Associate Handbook for policy and procedures.
Company Description:
Charlotte, N.C.-based Belk, Inc. is the nation's largest family owned and operated department store with more than $4 billion in sales and 300 Belk stores located in 16 Southern states and a growing digital presence. Founded on May 29, 1888 by William Henry Belk in Monroe, N.C., the company is in the third generation of Belk family leadership. Our mission is to satisfy the modern Southern lifestyle like no one else, so that customers get the fashion they desire and the value they deserve. Our vision is for the modern Southern woman to count on Belk first - for her, for her family, for life. Belk has been committed to community involvement since its inception and today gives 2.5 percent of its pretax income back to the communities it serves. During the past fiscal year the company and its associates, customers and vendors donated more than $20.9 million to those communities.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.