Serving members across all 50 states, Connexus Credit Union is a member-focused cooperative that is proud to return profits to member-owners through high yields for checking accounts and deposit products, as well as competitive rates on our loans. We are a remote-first employer with the majority of our employees residing in the upper Midwest.
As an employer we foster collaboration and high performance to achieve excellence. We holistically care for and develop our employees to thrive personally and professionally. We are proud to share our success with our employees and those we serve.
25 days of paid time off and 7 paid holidays
16 hours of paid Volunteer Time Off
401K Retirement with up to 6% employer match
Excellent Health, Dental, Vision insurance, including multiple plan options
Health Savings Account with generous employer contributions
Employer paid Life insurance, Short-Term and Long-Term Disability
Tuition Reimbursement from $4,000 - $7,000 per calendar year
Robust Learning and Development program that includes an annual professional development stipend
The IT Governance, Risk and Compliance Manager provides functional, technical, and program leadership expertise as it pertains to IT governance, risk, and compliance. The role is a critical assurance role which must identify and clarify current internal IT compliance practices to diagnose and develop enhanced procedures to ensure companywide compliance with all regulatory, financial and core operational system requirements.
Collaborate with BT, audit and compliance leadership teams to develop and execute strategies, goals, and objectives for GRC.
Develop and maintain IT governance frameworks, policies, and procedures to ensure alignment with organizational goals and objectives.
Ensure that IT governance practices are integrated into the overall business strategy and operations.
Monitor and report on IT governance metrics and performance indicators to senior management.
Identify, assess, and manage IT risks, including strategic, operational, and cybersecurity risks.
Analyze IT risk mitigation strategies and ensure their effectiveness through continuous monitoring.
Ensure IT activities comply with relevant laws, regulations, industry standards, and internal policies.
Develop and maintain a compliance program that includes policies, procedures, and training programs.
Analyze risk assessments and create risk reports for executive leadership and the board of directors.
Conduct internal audits and assessments to ensure adherence to compliance requirements and identify areas for improvement.
Oversee the integration of IT governance, risk management, and compliance activities to create a cohesive and efficient GRC program.
Use GRC software and tools to manage and streamline GRC processes.
Maintain a strong understanding of information systems, business processes, key drivers, and measures of success for the GRC program.
Foster a culture of IT compliance and risk awareness throughout the organization.
Work closely with legal, finance, and other departments to ensure a comprehensive approach to GRC.
Serve as a liaison between the IT department and external auditors, regulatory bodies, and other stakeholders.
Provide guidance and support to IT teams on GRC-related matters and promote best practices.
Develop and deliver training programs to educate employees on GRC policies, procedures, and best practices.
Promote awareness of governance, risk, and compliance issues throughout the Business Technology organization.
Maintain comprehensive documentation of GRC activities, including policies, procedures, risk assessments, and audit findings.
Prepare and present regular GRC reports to senior management and the board of directors.
Ensure proper record-keeping for all GRC-related activities.
Comply with all Federal Regulations as they pertain to your job duties, including the Bank Secrecy Act.
This position is Remote.
Bachelor’s degree in Information Technology, Computer Science, Engineering, or related field or commensurate experience is Required.
Professional certification in at least one of the following: CGRC, GRCP, CRISC, CISA, CISM, or CISSP is Required.
8+ years of experience in IT governance, risk management, and/or compliance is Required.
1+ year of prior management and/or leadership experience is Required.
Strong understanding of IT governance frameworks (e.g., COBIT), risk management methodologies, and regulatory requirements (e.g., GDPR, HIPAA, SOX) is Required.
Familiarity with IT systems, networks, and security controls. Experience with GRC management software and tools is Required.