<p>Join UCT and be part of the fastest-growing sector in the world! We indirectly touch every semiconductor chip that goes into every smartphone, smart car and device that uses artificial intelligence.?This is a critical time for the semiconductor industry and for UCT - as technology evolves, we evolve with it. UCT is a diverse workplace where every talented employee is committed to continuous innovation, challenging the status quo and exceeding customer expectations. If you are a person with a relentless drive to succeed, a strong focus on quality with a passion for success - join us today!</p> <p>UCT is looking for a talented Director, IT Audit & Compliance to join us!</p> <p>We prefer candidates for this hybrid role to be based near one of our UCT sites in Hillsboro OR; Hayward, CA, Phoenix, AZ or Austin, TX.</p> <p>As a senior leader in the information technology audit compliance and risk management space, you will spearhead ongoing IT security control initiatives to ensure our teams are building solutions that enhance our security from all angles.</p> <p>As leader of the IT Compliance team, this role serves as a subject matter expert in regulatory compliance, information security, analysis, and control solutions. You will be principal owner of the "Second Line of Defense" for information technology and will partner with a team of experts to ensure our technology teams are building solutions that align with our IT compliance controls requirements. You will spearhead ongoing IT control initiatives and will oversee a team of IT compliance administrators. You will be involved in preparation and conduct of integrated financial audits, including risk assessment, audit planning, control walkthroughs and testing, as well as deficiency remediation and control environment optimization. You will collaborate across our global technology teams and lines of business to ensure we have the proper policies and controls in place. Additionally, as a recognized subject matter expert in audit compliance, and risk management, you will engage in strategic dialogue with business and technology leaders from across the firm-and have a direct influence on the future state of UCT's IT compliance program.</p> <p>The IT compliance team manages planning and execution of technology platform assessments as part of Governance Risk and Compliance (GRC), ensuring readiness and remediation across all relevant technology platforms to ensure the accuracy, precision, and completeness of IT control compliance at UCT. This role will oversee testing related to IT General Controls, which will require consulting with various stakeholders - including Technology management, Technology Risk & Controls as well as external / internal auditors - to help facilitate execution and reporting across the global technology and technology risk functions. Successful execution of responsibilities requires depth in IT Audit experience and the ability to interact with multiple stakeholders at all levels (e.g., Business functional stakeholders, IT engineers, and technology leaders).</p> <p>JOB RESPONSIBILITIES</p> <ul> <li>Work with internal business partners (business compliance, internal audit) and external auditor(s) to ensure optimal financial audit outcomes. Be accountable to execute key initiatives against relevant initiatives or provide inputs to partners' initiatives. </li><li>Assess, design, and optimize IT general controls and application control testing; facilitate identification of findings, relevant compensating controls, remediation, validation, and closure of findings within defined periods. </li><li>Oversee the execution of multiple control adoption readiness assessments conducted by various team members, ensuring consistency and alignment with organizational objectives. </li><li>Evaluate the functionality, configuration, and operation/maintenance of existing and new technology platforms to drive adherence to control standards. </li><li>Track and communicate overall progress of various program, ensuring complete and timely reporting on program status to senior management stakeholders. </li><li>Ensure key risks impacting controls are addressed and mitigated prior to initiation of audits. </li><li>Lead and develop the IT Compliance team and the GRC team for efficient and effective outcomes, helping grow the employees to their desired roles as appropriate. </li><li>Collaborate with internal and external stakeholders to understand and document current-state control processes, including process flow diagrams. </li><li>Examine results of internal / external audits for potential cross-impacts on other programs. </li><li>Promote the development of educational guidance and resources to support technology risk and controls personnel in enhancing their knowledge and effectiveness. </li><li>Ensure quality standards are achieved in development and maintenance of program documentation. </li></ul> <p>REQUIREMENTS</p> <ul> <li>Formal training or certification in Technology Controls concepts and 7-10+ years applied experience. </li><li>5-7 years of IT controls experience as a practitioner / lead. Experience with a "Big Four" or top IT consulting firm preferred. </li><li>Bachelor's degree in information technology, Accounting, Business, or other related discipline. </li><li>Certifications such as CPA, CISA, CIA or CRISC. </li><li>Experience with industry leading ERP systems and widely recognized integrations, with the ability to assess and defend architecture, as well as identify opportunities for improvement. </li><li>Experience with internal and external technology audits, Operational Risk Management deep dives and testing, and the ability to advocate on behalf of subject matter experts. </li><li>Knowledge of compliance, conduct, and operational risk management frameworks and processes. </li><li>Experience in using common technology controls industry best practice (e.g., NIST, ISO, COBIT, or related) frameworks. </li><li>Knowledge of information technology and auditing of IT general controls (SOX / SOC 1 / SOC 2). </li><li>Knowledge of common & current information technology platforms (additional weight given for familiarity with Public and Private Cloud Implementation). </li><li>Strong strategic vision and a history of successful delivery of business objectives. </li><li>Expertise in effective collaboration and coordination with colleagues throughout the firm and in leading collaborative teams to achieve common goals. </li><li>Proficiency in multiple business disciplines and functions, including policies and standards, risk and control assessments, access controls, control remediation, regulatory compliance, technology resiliency, risk and control governance and metrics, incident management, secure systems development lifecycle, vulnerability management, and data protection. </li></ul> <p>At Ultra Clean Technology,?we do not just welcome diversity - we celebrate it!?Ultra Clean Technology is proud to be an equal opportunity employer. We are committed to equal employment opportunity regardless of race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender, gender identity and expression, marital status, and any other characteristic protected under laws and regulations.</p> <p>The pay range for this position at commencement of employment is expected to be between $133,000 and $190,000 year; however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. The total compensation package for this position may also include other elements, including?variable pay and discretionary awards?in addition to a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as PTO (Paid Time Off) and parental leave), dependent on the position offered. Details of participation in these additional compensation and benefit plans will be provided if an employee receives an offer of employment.</p> <p>If hired, employee will be in an "at-will position" and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.</p>