Manager, IT Compliance

Ingram Content Group (ICG) is hiring for a Manager, IT Compliance to join to our IT Security & Compliance team in LaVergne, TN, just outside the Nashville area. This position is a hybrid work environment where the candidate will need to be able to come onsite.

The Manager, Compliance designs, implements, and leads IT risk and compliance efforts to ensure ICG meets all contractual and regulatory obligations and integrates industry best practices into Ingram’s IT functions. Identifies and integrates frameworks, develops and tests controls, performs, and documents risk assessments. Drives the compliance efforts for ICG’s IT organization.

Want to help explore and build new ways to deliver content to the world?

At Ingram, our Technology team is blazing a trail by providing content distribution services to thousands of publishers with key initiatives around business intelligence, machine learning, continuous integration and omnichannel. We support diverse people and technology that highlights innovation through SaaS platforms, metadata, cloud, and containerization. Our teams are agile, and emphasize authenticity, creativity, and transparency upon a fact-based foundation.

The world is reading, and it is our goal to connect as many people to the content they want in the simplest ways. If you are an IT professional who strives to deliver results through collaborative partnerships, understanding what drives business, and enjoys working in a connected culture, we can’t wait to meet you!

Required Qualifications:

• Bachelor’s degree in Information Technology, Information Security or related field or year for year directly related experience
• 5 years of experience in IT risk management, audit, or security with a focus on governance, risk, and compliance
• 6 years of management or project management experience

Preferred Skills:

• Knowledge of PCI, SOC 1 & 2, and other regulations
• Knowledge of common information security frameworks such as NIST CSF and 800-53, ISO 27002, COBIT, and others
• Experience creating presentation and presenting to leadership
• Experience building collaborative initiatives to perform audits cross functionally among business groups.

Key Responsibilities:

• Validates and recommends information systems security posture for ICG’s IT organization.
• Leads PCI compliance efforts, including identification of technical requirements, consulting with IT staff, alignment of requirements with technical implementations, audit and testing of controls, and reporting and attestation.
• Works with leadership to assess and document potential systems and process vulnerabilities, as well as the state and maturity of ICG’s security program to determine requirements.
• Leads ICG’s audits, including the coordination of testing and evidence collection.
• Recommends and implements changes to enhance systems security and prevent unauthorized access.
• Builds and maintains Cyber Security KPI’s.
• Provides guidance and direction on best practices for the protection of information and security of systems.
• Researches security trends, new methods, and techniques used in unauthorized access of data to preemptively eliminate the possibility of systems breach.
• Coordinates compliance efforts for SOC2.
• Understands and integrates foundational security frameworks, extracts and maps appropriate controls to systems, and tests and reports on the effectiveness of general IT controls.
• Builds and maintains matrix of contracts and requirements with mappings to relevant systems.
• Defines and publishes the organization’s security policies, standards, procedures, associate programs, and contract requirements.
• Coordinates user awareness efforts, including training, security campaigns, and tabletops.
• Reviews existing IT controls, business processes, policies, procedures, and management reports for effectiveness and sustainability.
• Manages an IT Security Compliance team.
• This list is not exhaustive

Perks/Benefits:

• A highly competitive compensation package with generous benefits beginning first day of employment for Medical/Prescription Drug plans, HSA, Vision, Dental and Health Care FSA.
  • 15 vacation days & 12 sick days accrued annually and 3 personal days
  • 401K match, Life and AD&D, Employee Assistant programs, Group Legal, & more
  • Wellness program with access to local fitness centers for one low price - onsite gym and basketball court for associates
• Avid reader? Numerous opportunities to engage with books and authors
  • Free card registration at the Nashville Public Library
  • Free advance copies available throughout our HQ in Greater Nashville
  • Discounted offers to self-publish with IngramSpark®!
• Encouraged continued education with our tuition reimbursement program
• Financial and in-kind opportunities to engage with non-profits in your community
  • Company match program for United Way donations
  • Volunteer opportunities and in-kind drives for non-profits throughout the year
• Take breaks or brainstorm in our game room with ping pong & foosball
• Casual Dress Code & Flexible Schedules (per team)

The world is reading, and Ingram Content Group (“Ingram”) connects people with content in all forms. Providing comprehensive services for publishers, retailers, libraries and educators, Ingram makes these services seamless and accessible through technology, innovation and creativity. With an expansive global network of offices and facilities, Ingram’s services include digital and physical book distribution, print-on-demand, and digital learning. Ingram Content Group is a part of Ingram Industries Inc. and includes Ingram Book Group LLC, Ingram Publisher Services LLC, Lightning Source LLC, Ingram Library Services LLC, Tennessee Book Company LLC, Ingram Content Group UK Ltd. and Ingram Content Group Australia Pty Ltd.

Ingram Content Group LLC is an affirmative action/equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, work related mental or physical disability, veteran status, sexual orientation, gender identity, or genetic information.

• EEO/AA Employer/Vet/Disabled
• We participate in EVerify.
• EEO Poster in English
• EEO Poster in Spanish