At a Glance
- Tasks: Lead IT governance, risk, and compliance programs while managing audits and mitigating risks.
- Company: Join Iron Mountain, a leader in secure information management with a remote-first culture.
- Benefits: Enjoy flexible remote work, competitive pay, health benefits, and growth opportunities.
- Other info: Ideal for those seeking a dynamic role with excellent career advancement potential.
- Why this job: Make a real impact by ensuring compliance and enhancing IT security across the enterprise.
- Qualifications: Experience in project management and strong knowledge of IT compliance frameworks required.
The predicted salary is between 61408 - 80000 £ per year.
Iron Mountain is seeking an experienced and motivated Senior IT Project/Program Manager to join our Enterprise IT (EIT) Governance, Risk, and Compliance (GRC) team. In this remote UK role, you will be responsible for ensuring enterprise-wide adherence and compliance with internal policies, external regulations, and industry-leading frameworks. You will proactively manage risks, coordinate incoming audit requests for IT General Controls (ITGC), and build critical bridges between IT Operations, Information Security, and our broader business partners.
What You'll Do (Responsibilities):
- Lead GRC Programs & Certifications: Create and manage structured programs designed to maintain EIT environments in constant preparation for successful re-certification and complex compliance inspections.
- Coordinate Audit Support & Remediation: Collaborate directly with internal and external audit teams to provide proper evidence of control for ITGC (e.g., SOX, SOC 2, FFIEC, Country Regulatory Audits). Coordinate engagement teams to manage the quality and implementation of remediation actions for IT-related findings.
- Drive Risk Mitigation & Control Implementation: Proactively identify potential risks within the EIT environment using a risk-based approach. Design and implement controls to mitigate risks, such as managing Identity Access Management (IAM) or overseeing the lifecycle management and retirement of non-strategic hardware and software.
- Optimize Processes & Define Metrics: Create, optimize, and maintain sustainable and repeatable IT governance procedures. Partner across EIT to define Metrics & KPIs that support regular monitoring of IT systems (e.g., vulnerability management and advancing toward CMMI maturity goals).
- Report & Foster Awareness: Prepare and distribute regular status reports summarising risk assessments and compliance status for management and stakeholders. Partner with Information Security to deliver educational content that fosters a culture of compliance awareness and accountability.
What You'll Bring (Skills & Qualifications):
- Security Clearance: Must have a current UK Government clearance or the eligibility to successfully pass UK Government Clearance.
- Education & Certifications: A Bachelor's degree from a four-year college or university. A Project Management Professional (PMP) certification is preferred (but not required). Desired additions include CSM, ACP, 6-SIGMA, PgMP, or ITIL.
- Methodology Expertise: Strong knowledge and proven execution of project/program management methodologies including PMBOK, PRINCE2, SCRUM, Agile, Hybrid, Waterfall, LEAN, or Kanban.
- Framework & Standard Expertise: Strong understanding of IT infrastructure, security controls, and management frameworks (e.g., Sarbanes-Oxley (SOX), PCI-DSS, ISO-2700X, NIST, NIST-CSF, COBIT, SANS, ITAF, IIA, CMMI, and SDLC methodologies).
- Audit & Translation Capability: Exceptional ability to translate ambiguous or complex evidence-of-control requests from external auditors into clear, actionable data and presentation formats that EIT teams can provide.
- Stakeholder & Communication Skills: Excellent communication, analytical, and interpersonal skills to seamlessly bridge the gap between technical IT operations and non-technical stakeholders, driving consensus in cross-functional environments.
What We Offer (Benefits):
- Flexible work options: This is a 100% remote position based in the UK.
- Competitive compensation and benefits aligned with experience.
- Comprehensive health, wellness, and retirement plans.
- Robust opportunities for continuous learning, training certifications, and professional growth.
Senior IT Project/Program Manager (Governance, Risk, and Compliance) in Bristol employer: Iron Mountain
Iron Mountain is an exceptional employer that prioritises employee well-being and professional development, offering a fully remote role in the UK for a Senior IT Project/Program Manager. With a strong focus on governance, risk, and compliance, employees benefit from flexible work options, competitive compensation, and comprehensive health and wellness plans, all within a collaborative culture that fosters continuous learning and growth opportunities.
StudySmarter Expert Advice🤫
We think this is how you could land Senior IT Project/Program Manager (Governance, Risk, and Compliance) in Bristol
✨Join Compliance Communities
Get involved in compliance and risk communities — both online and offline. Look for forums, LinkedIn groups, or even local meetups where compliance pros hang out. You never know who might drop a job opportunity your way!
✨Attend Industry Conferences
Keep an eye out for compliance and risk management conferences and workshops in your area. These events are a goldmine for networking, and they often have job boards or recruiters on-site looking for new talent. Plus, it’s a chance to learn what's trending in the field.
✨Leverage Your University Career Services
If you’ve recently graduated or are still studying, head over to your university's career services. Many companies, including those in compliance, actively recruit fresh talent through these services, so make sure you tap into that resource.
✨Showcase Your Knowledge Online
Start writing articles or blog posts about compliance topics that interest you. Share them on platforms like LinkedIn to demonstrate your knowledge and passion. This not only builds your presence in the field but can also catch the attention of companies like Iron Mountain looking for candidates who are engaged and informed.
We think you need these skills to ace Senior IT Project/Program Manager (Governance, Risk, and Compliance) in Bristol
Some tips for your application 🫡
Show Your Understanding of Compliance:In the compliance-risk field, it's super important to showcase your understanding of regulations and risk management frameworks. Highlight any relevant coursework, certifications (like ICA or AML), or even projects that demonstrate your knowledge and commitment to this area. We want to see how you can navigate this complex landscape!
Quantify Your Achievements:When detailing your experience, try to quantify your achievements. For example, if you've previously worked on a project that improved compliance metrics or reduced risk exposure, give us the numbers! This data-driven approach really stands out to hiring managers in compliance-risk roles.
Tailor Your CV to Reflect Relevant Skills:Make sure your CV highlights skills that are particularly relevant to compliance, like attention to detail, analytical thinking, and report writing. Ensure these are easy to spot – consider using bullet points to break down your responsibilities and achievements for maximum impact!
Craft a Motivating Cover Letter:In your cover letter, let us know why you’re excited about the compliance-risk role at Iron Mountain. Share what motivates you about compliance, and how you believe you can contribute to our mission. This is your chance to showcase not only your skills but also your passion for this important field!
How to prepare for a job interview at Iron Mountain
✨Master the Regulations
Brush up on key compliance regulations relevant to the industry you're applying to. Familiarising yourself with specific laws and frameworks used in your field will give you an edge during technical questions. Show that you’re not just aware of them but can also apply them—think real-life scenarios!
✨Show Your Analytical Skills
Compliance roles really focus on analytical skills, so be prepared for case studies or situational questions during the interview. We've got to demonstrate how we approach risk assessments or compliance audits, possibly drawing on examples from past experiences or university projects. Bring some thoughtful case scenarios to discuss!
✨Know Your Tools
Get comfortable with commonly used compliance software and tools. Familiarity with platforms like RSA or MetricStream can really impress during your interview, as it shows you're ready to hit the ground running. If you’ve had any experience with them, make sure to highlight that!
✨Align with Company Culture
Since it's a full-time position, show your long-term commitment and interest in the company’s mission and values. Dive into how your ethics and professional philosophy align with Iron Mountain’s stance on compliance. A shared vision can really resonate with interviewers looking for fit as much as skill!