Ashland Corporate

Returning Candidate?

Mgr, IT Compliance and Security Controls Liaison

Mgr, IT Compliance and Security Controls Liaison

Requisition # 
# of Openings 
Job Locations 
Job Post Information* :  

More information about this job


The Manager, IT Compliance and Security Controls Liaison is responsible for facilitating the development, implementation, documentation, and review of IT policies, procedures, processes, programs, and practices to guide toward continuous compliance with organizational and industry laws, regulations, and frameworks. The manager works with Information Technology, major 3rd party IT providers, Internal and External Audit resources, and the business to support process documentation and review, reporting and analytics, and developing and maintaining the appropriate records related to policy, procedures, control self-assessments, risk, etc. The manager coordinates with the Controls Management Group to identify, develop, and maintain a suite of appropriate IT Controls that support the organization’s overall Internal Control over Financial Reporting. The manager will assist in IT Risk Assessment projects.


  • Ensures all IT policy and procedures are documented and updated according to regulatory standards, deadlines are met, approvals obtained, guidelines followed, repository usage understood, and repository / system of record up-to-date as defined by the IT Governance program
  • Interfaces with internal and external requestors as an escalated point and reviews IT artifacts for completeness and satisfaction for the delivery of quality services regarding important issues / priorities, and deadline-sensitive information
  • Engages with technical process owners to understand technical process steps, identify risk, and drive toward a completed documentation that aligns with the IT Governance and Risk Management programs
  • IT control and security service metrics performance reporting and management
  • Liaison with MSP Client Security Manager for all IT compliance matters including performance of key controls and security service metrics
  • Liaison with CyberSecurity provider for incident response & security service metrics
  • Functions as the GRC repository system Subject Matter Expert (SME) and trains/supports clients with repository system usage, including one-on-one training and drafting training guidelines when necessary
  • Provides solutions and coordinates the execution of control mechanism/testing against technical procedures to ensure appropriate execution and that risk is mitigated to an appropriate level
  • Analyzes business problems using software, analytical tools and techniques, business process and technical knowledge and to general common sense to formulate solutions
  • Defines and delivers appropriate IT GRC metrics, analytics, and scorecards
  • Maintains all versions and version control for all IT GRC program documentation and pipeline with a thorough understanding of the processes and communicates the status
  • Coordinates various GRC repository system improvement projects and activities to enhance the system of record and maintain effective process controls
  • Organizes and leads IT GRC-related meetings and prepares meeting agendas
  • Develops and maintains risk register and designs self-assessments to help identify risks
  • Liaisons with Internal and External Audit resources and business personnel to facilitate the review of controls and control performance
  • Evaluates identified deficiencies and assists with creation, approval, and documentation of appropriate risk mitigation strategies
  • Remains current on IT GRC processes, regulations, and technologies (Sarbanes-Oxley, PCI, HIPAA, COBIT, etc)

**This job can be located in Lexington KY, Dublin OH, Covington KY, Wilmington DE, or Bridgewater NJ. 

**This job is based on a ladder structure and the job level (salary) will be determined by the quantity and quality of your experience.


  • Must be eligible to work in the US.
  • Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly prefered,; or an associate's degree and an IT Governance, Risk, or Compliance professional certification such as CGEIT, CRISC, or equivalent
  • Minimum one (1) year IT GRC related experience writing/reviewing IT policies and procedures
  • Participation in life cycle project implementations (from scoping/planning, requirements gathering, design, development, testing, launch and support) preferred
  • Risk, Audit and Security certification preferred – CGEIT, CISSP, CIA, CISA, PCIP, etc

Skills and Abilities:

  • Excellent written and verbal communication skills
  • Strong analytical and problem solving skills
  • Ability to work both independently and as part of a team to deliver quality work product in a timely fashion in a fast-paced environment
  • Ability to multi-task and prioritize tasks
  • Ability to exercise good professional judgment
  • The ability to work well with people from many different disciplines with varying degrees of technical experience
  • The ability to adapt to a dynamic, rapidly changing business and technical environment
  • Ability to maintain confidentiality
  • Demonstrate a strong understanding of various compliance and regulatory areas (e.g. Sarbanes-Oxley, PCI, COBIT, HIPAA)
  • Demonstrate an in-depth understanding of the risk register, risk exposure, risk reporting and handling of risk events
  • Ability to recommend and influence business process changes with regards to Information Security policies, standards, processes, and processes (including the use of tools)


TO APPLY FOR THIS POSITION, please select the Apply button. If no Apply button is provided, please visit Ashland's Career Center. Once there, enter job number 2017-6799 in the Keyword Search field to find this posting and apply on-line.


NOTE:  We do not accept resumes from external staffing agencies or independent recruiters for any of our openings unless we have a signed recruiting agreement in place to fill a specific position.


Ashland Global Holdings Inc. (NYSE: ASH) is a premier global specialty chemicals company serving customers in a wide range of consumer and industrial markets, including adhesives, architectural coatings, automotive, construction, energy, food and beverage, personal care and pharmaceutical. At Ashland, we are 6,000 passionate, tenacious solvers - from renowned scientists and research chemists to talented engineers and plant operators - who thrive on developing practical, innovative and elegant solutions to complex problems for customers in more than 100 countries. Ashland also maintains a controlling interest in Valvoline Inc. (NYSE: VVV), a premium consumer-branded lubricant supplier. Visit to learn more.


Ashland. always solving


We are passionate, tenacious, solvers who thrive on developing practical, innovative and elegant solutions to complex problems in applied chemistry, always pushing the boundaries of what’s possible, and advancing the competitiveness of our customers across diverse industries.


Our people—molecular scientists, chemists, process engineers, logisticians, research scientists, economists, analysts, compliance auditors, salespeople, safety experts and more—are distinguished by their ability to create and apply specialized chemistry in ways that enable customers to amplify the efficacy, refine the usability, add to the allure, ensure the integrity, and improve the profitability of their products and applications.


The Ashland Way


Our vision, mission, way and values are the foundation for what makes Ashland, Ashland. What we aspire to accomplish, how we work every day toward that vision, and the way that we do things are what give substance to the promises we make to each other, customers and investors.


Our vision is to make a better world by providing creative solutions through the application of specialty ingredients and materials.


Our mission is to develop practical, innovative, and elegant solutions to complex problems in applied chemistry, always pushing the boundaries of what’s possible, and advancing the competitiveness of our customers across diverse industries.


Our way is to respect, protect, and advance the people we work with, companies we serve, shareholders who invest in our future, communities we’re a part of, and planet we share.


Ashland is proud to be an Equal Opportunity Employer Minorities/Women/Veterans/Disabled/Gender Identity/Sexual Orientation. 

Ashland is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, or protected veteran status and will not be discriminated against on the basis of disability.


Share on your newsfeed