Director IT Risk and Compliance

Job in Marlborough, Middlesex County, Massachusetts, 01752, USA
Listing for: BJ's Wholesale Club
Full Time position
Listed on 2026-06-20
Job specializations:
  • IT/Tech
    Cybersecurity, IT Project Manager
Salary/Wage Range or Industry Benchmark: 200,000 - 250,000 USD yearly
Job Description & How to Apply Below

A World-Class Team

BJ’s Wholesale Club is powered by more than 30,000 team members who make a real impact every day. Whether you’re stocking shelves, solving problems or shaping strategy, your work helps families save on what matters most.

Why You’ll Love Working at BJ’s

At BJ’s Wholesale Club, our team members are at the heart of everything we do. That’s why we offer a comprehensive benefits package designed to support your health, well-being and future – both on and off the job. When you grow, we grow.

Benefits
  • Weekly Pay:
    Get paid every week so that you can manage your money on your terms.
  • Free BJ’s Memberships:
    Enjoy a complimentary The Club Card Membership, plus a free Supplemental Membership for someone in your household.
  • Generous Paid Time Off:
    Take the time you need with vacation, personal, sick days, holidays, bereavement, and jury duty leave.
  • Flexible and Affordable Health Benefits:
    Choose from three medical plans and access optional dental, vision, Health Savings Account (HSA), and flexible spending account options to fit your lifestyle.
  • 401(k) Retirement Savings Plan:
    Build your financial future with a company match (available to team members 18 and older).
  • Employee Stock Purchase Plan:
    Accumulate funds through after‑tax payroll deductions that can be used to purchase shares of BJ’s common stock at a 15% discount.

Recruitment eligibility varies by position.

Reports To:

VP, IT Security and Compliance

Team Size:
Leads a team of compliance, risk, and security analysts

Travel:
Minimal (≤10%)

Position Overview

BJ’s Wholesale Club is a Fortune 500 membership‑based wholesale retailer operating over 267 clubs and 205 gas stations across the Eastern United States. As a high‑volume retailer processing millions of transactions annually, our IT Risk & Compliance function is mission‑critical — safeguarding member data, ensuring regulatory adherence, and enabling the business to innovate with confidence.

We are seeking a Director of IT Risk & Compliance to lead the organization’s information technology risk management and regulatory compliance programs. This is a pivotal leadership role at a moment of transformation: you will lead a tenured, high‑performing team and have the mandate to modernize processes — leveraging AI, automation, and purpose‑built GRC platforms to shift the function from reactive to predictive.

The ideal candidate brings deep SOX ITGC and PCI DSS expertise, a track record of cross‑functional influence at the executive level, and the vision to build a compliance program that is both rigorous and efficient.

Responsibilities

Compliance Program Leadership
  • Own and mature the SOX IT General Controls (ITGC) program end‑to‑end: scoping, control design, testing coordination, interim and year‑end audit support, and remediation tracking.
  • Direct PCI DSS assessment activities and annual penetration testing, partnering with QSAs and internal stakeholders to maintain compliance posture.
  • Collaborate with the IT leadership team on Governance, Operating Model and SDLC to ensure compliance with internal policy, industry standards and regulatory landscape.
  • Serve as the primary liaison to Internal Audit, External Audit and Legal; manage audit findings through to closure.
  • Own the annual IT policy review cycle to ensure policies reflect current regulatory requirements, emerging risks, and operational capabilities.
IT Risk Management
  • Lead enterprise IT and cybersecurity risk assessments; maintain the IT risk register and report quarterly to senior leadership and the Risk Management Committee.
  • Oversee the Vendor Risk Assessment program and Third‑Party Risk Monitoring, including platform management and escalation protocols.
  • Partner with Legal and Privacy teams on e‑discovery, Legal Hold requests, contract reviews involving technology, and data retention obligations.
  • Drive Architecture and Solution reviews in partnership with the enterprise architecture team to embed security and compliance requirements into project delivery.
  • Maintain and exercise Incident Response plans; lead or co‑lead annual executive and technical tabletop exercises.
  • Design and oversee the enterprise security awareness and phishing tests program, ensuring…