IT GRC Manager
Kforce
Kforce has a client that is seeking an IT GRC Manager in Tampa, FL.
Key Responsibilities:
IT Risk Assessments:
* Conduct comprehensive IT risk assessments, including identifying and analyzing potential threats and vulnerabilities across applications, infrastructure, and data
* Develop and maintain risk registers, documenting identified risks, their potential impact, and mitigation strategies
* Collaborate with IT and business stakeholders to prioritize and remediate identified risks
* Assess impact of IT changes to policies, risks, controls, and governance process (including but not limited to disaster recovery, RCM)
SOX Compliance:
* Maintain and update the Risk and Control Matrix
* Evaluate the design and monitor the execution of management's SOX controls
* Participate in business process walkthroughs to identify application controls, reports, and ITGC dependencies/risks
* Review SOC reports and map control deficiencies to relevant IT risks
* Ensure evidence of control operation is maintained in a timely manner, with appropriate detail, for all IT controls; own the development, reporting, and completion of control remediation plans
* Train and educate IT teams and control owners on the effective operation of controls
Application and Data Transfer Controls, Report (IPE) Validation:
* Identify the application controls, interfaces/batch jobs and reports key to supporting SOX business processes
* Evaluate the design and effectiveness of application controls
* Evaluate the design and effectiveness of controls intended to mitigate data transfer errors/incompleteness
* Evaluate the design (completeness and accuracy) of reports used for key controls
Third-Party Risk Management:
* Develop and implement a third-party risk management program
* Monitor and manage risks associated with third-party relationships