emPowered by mediabistro post a job
 Sr Tech Mgr, IT Governance send this job to a friend 
Publication or Company AOL
Job Title Sr Tech Mgr, IT Governance
Industry Internet/Online/New Media, Web Development
Salary Negotiable
Job Duration Full Time
Job Location Dulles/Ashburn, VA
Job Requirements

IT Governance, Risk, and Compliance (ITGRC) – Senior Technical Manager:

Decision maker and leader for driving compliance readiness throughout Technologies, providing timely, efficient, results-oriented and professional advice on a broad range of activities involving governance, risk management and compliance. Responsible for managing issues relating to technology, audits, contracts, and insurance. This role is a member of the CIO Leadership team and provides technical vision and hands-on management of day-to-day tactical activities and long-term strategic direction for all technology-related compliance direction. Assists in the development, implementation, communication, enforcement, and monitoring of all required technology related regulatory compliance policies, standards, and procedures for Technology, for key business stakeholders who are dependent on Technology compliance for their business success, and for mergers and acquisitions.


  • Places emphasis on the practical application of standards and regulatory requirements and developing an effective compliance program

  • Exhibits the soft skills required to cultivate effective relationships with operations, business stakeholders, peers, senior management and executive leadership. 

  • Manages an organization consisting of direct reports and indirect reports, including hiring, training, staff development, performance management, annual compensation review, and succession planning.

  • Oversees and serves as a key decision maker, involving risk and compliance for data security, logical access security, and physical access security, and general IT controls for Sarbanes Oxley, MRC, and PCI compliance.

  • Provides company-wide direction in areas of technology policy and related activities.

  • Serves as an effective industry leader who ensures that Technologies and business stakeholders understand the risk we should take, managing those risks successfully; and ensures they understand the approach.

  • Creates enterprise governance, risk and compliance programs. This includes technology implementation and management, as well as, project management.

  • Ensures business continuity and disaster recovery program development and process integration.

  • Places special emphasis in information security and risk management strategy and process development

  • Exhibits success in developing, implementing, sustaining, and enhancing enterprise information security and risk management programs.

  • Develops, implements, and monitors a strategic, comprehensive technology risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by AOL 

  • Responsible for the development and delivery of a comprehensive IT governance, risk and compliance program, including policies, standards and procedures; confers with key management, data custodians and business

  • Oversees the dissemination AOL-wide distribution of IT policies, standards and procedures; and evaluates request for exceptions and determines acceptance of risk for AOL.

  • Ensures continuous technology compliance by testing IT controls, monitoring, identifying, reporting and conducting risk analytics to ensure Technologies is taking efficient and effective steps to protect critical data.

  • Provides strategic and tactical technology compliance direction for IT initiatives, including the evaluation and recommendation of technical controls.

  • Serves as technology liaison addressing IT risk management and compliance issues with cross-organizational operational security teams (e.g., ITSec, Enterprise Services, and Network Ops), AOL Legal (e.g., Corporate Compliance, Privacy, etc.), AOL Finance (Internal Audit), and HR management teams, as required.

  • Works directly with the business units and acquisitions to identify acceptable levels of risk, and to ensure the establishment of segregation of responsibilities, and effective IT controls are in place

  • Ensures minimum security guidelines are in place to protect sensitive credit card data to successfully achieve Payment Card Industry (PCI) Attestation annually for Domestic and EU (UK and Germany).

  • Conducts, validates effectiveness and documents test of controls to provide to external PCI Assessors to ascertain level of technology compliance.

  • Ensures Advertising Technology Systems are in compliance with and achieve Media Ratings Council (MRC) annual certification (U.S. and Germany).

  • Conducts, validates and documents test of controls to provide to E&Y to ascertain level of compliance.

  • Ensures Human Resources technology controls are in effective, validated and in compliance with Health Insurance Portability and Accountability (HIPAA) technology requirements.

  • Ensures that AOL IT requirements and security activities are in compliance with applicable international and domestic international laws, regulations, Data Transfer Agreements, Safe Harbor, etc., to minimize/eliminate risks

  • Creates, implements, manages, and tracks (evidence verification) information risk and security management awareness training programs for all employees, contractors, and acquisitions.

  • Works with outside entities (e.g., third parties AOL supports, third parties AOL outsources to, External Auditors) to provide technology evidence, documented exceptions, mitigating controls, and/or remediation activities.

  • Serves as the Primary POC for Legal to assist in reviewing and addressing contract language to mitigate IT security risk potentially impacting AOL

  • Serves as the Owner of Business Continuity and Disaster Recovery Programs for AOL.

Specialties include

  • 6-10 years’ experience in IT Audit, Risk Management or IT Security related field.

  • Passion for people: team work, collaboration, and leading.

  • Familiar with IT security controls and risk management methodologies.

  • Strong Information Security compliance skill set.

  • Management or familiarity with numerous technologies (e.g. malware solutions, data leakage protection products, encryption solutions, mobile security, threat management solutions, vulnerability and application scanners, investigative tools, etc)

  • Experience with external auditors or assessment programs a plus.

  • Certification in one or two of the following areas: CISSP, CISA, CISM, CRISC, PMP

About AOL
Do you want to make the Internet better? We do too. And we’re looking for people with great ideas. We need free spirits and straight shooters. Creatives and critics. Nerds with nerve. People who love the Internet, but can see its cracks… and future, too. At AOL we’re focused on radically redefining the world of online communications. We are transforming how people around the globe connect with information, entertainment and one another by bringing together award winning journalists and innovative technologies to create rich and engaging consumer experiences. We look for people who are exceptionally imaginative, collaborative, and truly excited about our mission - to inform, entertain and connect the world.

AOL is an equal opportunity employer and does not discriminate on the basis of age, color, disability, marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other classification prescribed by applicable law.
Return to job listings page