Senior IT Project/Program Manager (Governance, Risk, and Compliance)

Job Summary:

Iron Mountain is seeking an experienced and motivated Senior IT Project/Program Manager to join our Enterprise IT (EIT) Governance, Risk, and Compliance (GRC) team.

In this remote UK role, you will be responsible for ensuring enterprise-wide adherence and compliance with internal policies, external regulations, and industry-leading frameworks.

You will proactively manage risks, coordinate incoming audit requests for IT General Controls (ITGC), and build critical bridges between IT Operations, Information Security, and our broader business partners.

What You'll Do (Responsibilities):

In this role, you will:

• Lead GRC Programs & Certifications: Create and manage structured programs designed to maintain EIT environments in constant preparation for successful re-certification and complex compliance inspections.
• Coordinate Audit Support & Remediation: Collaborate directly with internal and external audit teams to provide proper evidence of control for ITGC (e.g., SOX, SOC 2, FFIEC, Country Regulatory Audits). Coordinate engagement teams to manage the quality and implementation of remediation actions for IT-related findings.
• Drive Risk Mitigation & Control Implementation: Proactively identify potential risks within the EIT environment using a risk-based approach. Design and implement controls to mitigate risks, such as managing Identity Access Management (IAM) or overseeing the lifecycle management and retirement of non-strategic hardware and software.
• Optimize Processes & Define Metrics: Create, optimize, and maintain sustainable and repeatable IT governance procedures. Partner across EIT to define Metrics & KPIs that support regular monitoring of IT systems (e.g., vulnerability management and advancing toward CMMI maturity goals).
• Report & Foster Awareness: Prepare and distribute regular status reports summarizing risk assessments and compliance status for management and stakeholders. Partner with Information Security to deliver educational content that fosters a culture of compliance awareness and accountability.

What You'll Bring (Skills & Qualifications):

The ideal candidate will have:

• Security Clearance: Must have a current UK Government clearance or the eligibility to successfully pass UK Government Clearance.
• Education & Certifications: A Bachelor's degree from a four-year college or university. A Project Management Professional (PMP) certification is preferred (but not required). Desired additions include CSM, ACP, 6-SIGMA, PgMP, or ITIL.
• Methodology Expertise: Strong knowledge and proven execution of project/program management methodologies including PMBOK, PRINCE2, SCRUM, Agile, Hybrid, Waterfall, LEAN, or Kanban.
• Framework & Standard Expertise: Strong understanding of IT infrastructure, security controls, and management frameworks (e.g., Sarbanes-Oxley (SOX), PCI-DSS, ISO-2700X, NIST, NIST-CSF, COBIT, SANS, ITAF, IIA, CMMI, and SDLC methodologies).
• Audit & Translation Capability: Exceptional ability to translate ambiguous or complex evidence-of-control requests from external auditors into clear, actionable data and presentation formats that EIT teams can provide.
• Stakeholder & Communication Skills: Excellent communication, analytical, and interpersonal skills to seamlessly bridge the gap between technical IT operations and non-technical stakeholders, driving consensus in cross-functional environments.

What We Offer (Benefits):

• Flexible work options: This is a 100% remote position based in the UK.
• Competitive compensation and benefits aligned with experience.
• Comprehensive health, wellness, and retirement plans.
• Robust opportunities for continuous learning, training certifications, and professional growth.