Crawford & Co.

IT Senior Compliance Officer

Posted Date 1 week ago(12-10-2021 10:07 PM)
Requisition ID
# of Openings
Information Technology

Purpose of Position

Reporting to the Director - Global IT Risk & Compliance in the UK, the IT Snr Compliance Officer (Asia-Pacific) serves as a subject matter expert and trusted advisor to the business and IT organization in the Asia-Pacific Region, coordinating and conducting a variety of IT risk and compliance activities and audits, including IT SOX audit with internal and external auditors, maintenance of the ISO27001 ISMS, responses to client security questionnaires, third-party risk assessments and ensuring completion of periodic reviews related to IT General Controls.  Working as part of the Global IT Risk & Compliance team, the IT Snr Compliance Analyst (Asia-Pacific) will participate in global and local initiatives to ensure that IT applications and systems stay compliant with Crawford’s IT policies, standards and regulatory requirements and to improve the overall security environment.


  • Acts as point of contact for audits in the Asia-Pacific region, coordinating process walkthroughs and the gathering of audit evidence as requested by audit teams, providing regular updates to meet audit deadlines.
  • Maintains documentation and activities supporting the ISO 27001 certification in Australia, including the ISMS documented in SharePoint.
  • Coordinates and responds to clients, auditors, and external parties regarding the IT control environment, including responses to IT security questionnaires and assessments.
  • Ensures effectiveness of IT General Control processes, including oversight of periodic access reviews in the Asia-Pacific region, with evidence retained for SOX audit inspection.
  • Confirms IT risks identified by clients, auditors, and external parties, identifies the root cause and potential remediation activities.
  • Involved in global IT security initiatives, working with colleagues in IT operations, IT security, privacy and business operations.
  • Acts as risk management liaison with all levels of the IT organization, all lines of business, and other internal departments. Provides information risk and IT controls consulting and advisory services to individuals, leaders, project teams, and vendors.
  • Upholds the Crawford Code of Conduct.

Key Relationships

  • Team line managers and colleagues may be located in different time zones, requiring the ability to work independently and self-direct for routine tasks, solve problems and identify when to escalate and communicate concerns or problems.
  • Position will have interaction with senior management, personnel across various departments and levels within Crawford globally, including finance, operations and IT as well as external auditors and clients.
  • Position will at times require overtime in order to meet deadlines, and flexibility to work outside normal hours to accommodate colleagues in different time zones.
  • Ability to facilitate meetings with business and IT contacts, including use of virtual meetings (MS Teams).


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed