VP, IT Controls

The VP, IT Controls will be responsible for establishing, leading, and continuously enhancing the company’s IT control framework. This role ensures that technology practices align with regulatory requirements, industry standards, and internal risk management expectations while enabling business agility and innovation. The VP will provide strategic oversight of IT governance, risk, compliance, and control processes to safeguard the organization’s technology environment.

What You Will Do:

• Strategic Leadership & Governance
  • Define and implement the enterprise IT control framework, aligned with business objectives, regulatory requirements, and industry best practices.
  • Lead IT governance processes, ensuring accountability, transparency, and consistent adherence to policies and standards.
  • Partner with senior leadership to integrate IT controls into strategic decision-making and technology initiatives.
• Risk Management & Compliance
  • Identify, assess, and manage IT risks across infrastructure, applications, and operations environments.
  • Ensure compliance with applicable regulations (e.g., SOX, GDPR, HIPAA, NAIC, etc.) and internal audit requirements.
  • Oversee risk assessments, control testing, and remediation efforts to maintain a robust control environment.
• Operational Excellence
  • Establish policies, procedures, and standards to drive consistency and efficiency in IT control activities.
  • Monitor and report on IT control effectiveness, providing metrics and insights to executive leadership and the board, as appropriate.
  • Partner with Internal Audit and external auditors to streamline walkthroughs, testing and audits.
  • Ensure timely management and resolution of IT audit findings, incidents, and exceptions.
• Collaboration & Partnership
  • Work closely with IT, security, legal, compliance, finance, and business leaders to embed controls into processes and systems.
  • Serve as a trusted advisor on IT risk and controls, balancing compliance with business enablement.
  • Lead cross-functional initiatives to strengthen IT control maturity and resilience.
• Team & Capability Building
  • Build and lead a high-performing IT controls team, fostering a culture of accountability, innovation, and continuous improvement.
  • Develop training and awareness programs to ensure employees understand their responsibilities in maintaining IT controls.
  • Mentor and develop talent within the IT controls function.

What You Will Have:

• Bachelor’s degree in Information Technology, Computer Science, Risk Management, or related field required; Master’s degree preferred.
• Relevant certifications strongly preferred (e.g., CISA, CISM, CRISC, CISSP, ITIL, COBIT).
• 12+ years of progressive IT leadership experience, including 5+ years in senior management roles with direct responsibility for IT risk, controls, compliance, or governance.
• Proven experience building and overseeing IT control frameworks in complex, regulated industries (e.g., financial services, insurance, healthcare).
• Strong knowledge of IT risk management methodologies, internal control principles, and regulatory requirements (SOX, NAIC, GDPR, HIPAA, etc.).
• Demonstrated success partnering with internal audit, external regulators, and executive leadership teams.
• Track record of managing audits, risk assessments, and remediation programs across enterprise-scale organizations.
• Exceptional leadership skills with the ability to influence at all levels of the organization, including board and C-suite.
• Experience leading cross-functional teams and building organizational capability in governance, risk, and compliance.
• Strong interpersonal, communication, and negotiation skills, with the ability to translate complex IT control requirements into business-relevant terms.
• Proven ability to balance regulatory compliance with business enablement, driving pragmatic solutions.