Senior IT Risk & Compliance Specialist, GRC Policies

IDEXX’s IT Risk & Compliance Group is dedicated to safeguarding the organization against various IT risks and ensuring compliance with industry standards and regulations. Key responsibilities of this team include conducting cyber risk training and assessments, managing third-party risk, overseeing SOX compliance, and ensuring privacy compliance across global operations. The team also spearheads the development of governance policies and provides comprehensive risk management consultancy services. Led by an experienced manager, the group consists of 6 seasoned professionals with extensive expertise in risk management, compliance, and security. Despite its size, the team adeptly manages the diverse and complex aspects of IT risk and compliance within IDEXX.

As a Senior IT Risk & Compliance Specialist , you will be a functional IT Security Lead influencing the business managers and leading positive changes ensuring that the organization’s operations are conducted in a manner consistent with ethical business practices, organization policies, and legal requirements.

Location : being located near our HQ in Maine or NH is preferred, but we are also open to anyone on the East Coast, EST time zone.

In This Role…

• Your main responsibilities will be to help create a governance program to include :
• Policy creation based on industry standards, frameworks & best practice.
• Communication of the policies to key stakeholders in the organization.
• Implementation of the policies to various departments and lines of business by consulting with those teams to help ensure understanding.
• Monitoring of the policies for compliance and managing any variances.
• Establish a process to ensure policies are up to date and accurate .
• You will conduct application gap assessments to establish security requirements and perform risk assessments.
• You will be part of this team who provides risk management consulting services to various teams within the organization, aiding in prioritizing issues for resolution.
• You will oversee the General Computer Control (GCC) universe, identifying risks, and implementing controls to mitigate these risks.
• You will monitor management against internal standards within the program, acting as the first line of defense before internal audits.
• As others on the team wear 3-4 “hats”, you will also juggle multiple roles within the team, including risk identification, quantification, and consulting
• You will facilitate risk assessment at the operational level, acting as a bridge between tactical and enterprise risks within the organization.

What You Will Need to Succeed…

What you can expect from us :

Why IDEXX?

We’re proud of the work we do, because our work matters. An innovation leader in every industry we serve, we follow our Purpose and Guiding Principles to help pet owners worldwide keep their companion animals healthy and happy, to ensure safe drinking water for billions, and to help farmers protect livestock and poultry from diseases. We have customers in over 175 countries and a global workforce of over 10,000 talented people.

So, what does that mean for you? We enrich the livelihoods of our employees with a positive and respectful work culture that embraces challenges and encourages learning and discovery. At IDEXX, you will be supported by competitive compensation, incentives, and benefits while enjoying purposeful work that drives improvement.

Let’s pursue what matters together.