Manager IT Controls & Compliance in Orlando Office Complex at Marriott Vacations Worldwide

發佈日期: 1/18/2022



Are you ready to grow your dream career while making others' vacation dreams come true? Marriott Vacations Worldwide is a world premier organization for Vacation Ownership with resorts at destinations around the globe. Join our team and help deliver unforgettable experiences that make vacation dreams come true.

Specific Job Summary (describe the nature and purpose of the position)

The IT Controls and Compliance Manager executes the day-to-day, assigned, IT-related compliance, audit, and user access review functions throughout the Marriott Vacations Worldwide (MVW) enterprise. Responsible for creating and reporting on individual components of quarterly user access review programs and related processes, as well as performing monthly termination testing for access to SOX applications by separated users. Participates, supports, and partners in meetings with Internal Audit, Information Security, Access Management, Information Privacy, Legal, and other enterprise-wide stakeholders to understand, document, plan, and deliver all IT related compliance,
audit, and user access review functions. Ensures compliance for the user access review process to minimize risks for the organization. Responsible for assisting IT Controls and Compliance leader in understanding which ITGC and application controls are critical to support MVW's SOX compliance
and designs reviews to ensure that effective controls remain in place and monitors the company's status of correcting/implementing controls to support SOX compliance, including the company's objective of managing the cost of compliance.

This position will utilize IT auditing, audit support, and internal controls-related skills to support IT and/or MVW business-related IT user access review objectives. Responsible for planning, coordinating, and collaborating with other cross-functional team members and providing required deliverables related to any IT audit and/or user access review related activities. Assists in managing
open IT audit issues. Supports the annual review and refresh of MVW policies and procedures, including Information Security Manuals (ISMs), throughout the organization. Follows and maintains standard operating procedures (SOPs) and escalates areas of opportunities to improve or streamline processes in alignment with compliance requirements.

Specific Expected Contributions (including duties and responsibilities)
▪ Responsible for planning, implementing, and executing all required quarterly, semi-annual, and annual MVW IT user access review processes.
▪ Coordinate, facilitate, track, and monitor status of all user access reviews (application, operating system, database layers, etc.), which includes but is not limited to:
o Understand and perform all tasks associated with obtaining system generated information source files (user access, roles, headcount, etc.)
o Proactively perform all administrative activities (work papers, tracking, documentation, etc.)
o Responsible for pre-validation process to ensure completeness and accuracy
(scope/objective, validate population in scope, other miscellaneous considerations)
o Initiate user access review process with business (notification, monitor, track, report on status, etc.)
o Perform post-validation/self and peer-review process to ensure completeness and accuracy of closed user access reviews (close all follow-up items, Q&A, track and document findings)
o Identify and improve user access review process by providing recommendations for process enhancements/efficiencies to automate manual processes and assist in the documentation of these plans
o Maintain department SOP for current state processes and make recommendations to improve and/or streamline
o Audit to ensure documentation and backup meet guidelines set for by MVW policies and auditor requests
o Ad hoc user access reviews as required
▪ Coordinate, facilitate, track, and monitor status of the SOX IT General Controls annual testing which includes but is not limited to:
o Coordinating IT general control and application control walkthroughs and lead working sessions for evidence collection to support the audit.
o Coordinate and assist stakeholders in updating all IT-related workflows through Visio or other tools.
o Facilitate and support IT remediation efforts by documenting root cause analysis.
▪ Provide support and education to IT personnel on MVW Policy concerning audit and compliance

Specific Candidate Profile (the education, experience, skills and attributes that are important for this position)

▪ BS/BA preferred and 3-5 years of experience in related field
▪ CISA or CIA and/or other related certifications preferred

▪ 3-5 years of work experience in public accounting, technology, IT auditing/IT general controls, internal controls, or a similar control function environment

▪ Ability to work independently and efficiently
▪ Ability to work in cross functional teams
▪ Possesses strong analytic and problem-solving skills and sound judgment
▪ Strong organization, facilitation, goal setting, and time management skills
▪ Demonstrated effectiveness in collaborating with business partners
▪ Possess strong written and verbal communication skills, presentation, and be able to interact well with peers and internal customers
▪ Strong attention to detail and demonstrated follow-through
▪ Positive attitude, ethics, and values which support the Company’s values
▪ Strong organization, facilitation, goal setting, and time management skills
▪ Strong knowledge of the Microsoft Office suite of products (i.e., Excel and SharePoint)

Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture