
IT Compliance Manager

Job in Phoenix, Maricopa County, Arizona, 85003, USA
Listing for: Sprouts Farmers Market, Inc.
Full Time position
Listed on 2026-04-20
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 125000 - 150000 USD Yearly
Job Description & How to Apply Below

Overview

Please note this position is based in our Phoenix, AZ Support Office.

The IT Compliance Manager is responsible for ensuring Sprouts’ IT systems, policies, and processes adhere to applicable legal, regulatory, and industry standards. This role owns IT compliance frameworks (including PCI DSS, NIST CSF, and SOX), regulatory adherence, and continuous improvement across the organization. The ideal candidate is self‑directed, takes initiative to identify and resolve inefficiencies, and operates with confidence and accountability.

This role serves as a cybersecurity culture champion, helping cultivate an empowered security culture where security awareness is integrated into the fabric of the organization and each team member is equipped to protect information assets.

Overview of Responsibilities

Team Leadership

  • May lead/mentor compliance analysts.
  • Assign and prioritize workload across compliance initiatives, audits, and remediation efforts.
  • Conduct performance evaluations and support professional growth and certification goals.
  • Accountable for prioritization of compliance activities and delivery of audit milestones.

SOX Compliance (ITGC / IT-Dependent Controls)

  • Own and continuously refine SOX IT control design, documentation, and operating cadence, including control narratives, evidence expectations, and control owner alignment.
  • Coordinate SOX audit evidence collection, perform quality review, and provide gap analysis and status reporting to stakeholders.
  • Drive deficiency and remediation management, including action plan tracking, validation of corrective actions, and audit readiness.
  • Proactively identify and resolve process inefficiencies in evidence collection and audit workflows.
  • Deliver SOX evidence packages on time with minimal rework.

PCI-DSS Compliance

  • Coordinate PCI-DSS compliance activities including audit preparedness, evidence management, and cross‑functional alignment to maintain PCI-DSS posture.
  • Maintain PCI-DSS program documentation (policies, standards, and procedures as applicable) and track compliance requirements across IT and security control owners.
  • Drive PCI-DSS audit readiness and coordinate annual assessments with external QSAs and internal stakeholders.

Policy Maintenance, Lifecycle, and Enforcement

  • Own the information security policy lifecycle (draft, review, approval, publish, attestation, and exception handling) and ensure policies are maintained, communicated, and measurable.
  • Coordinate policy enforcement mechanisms with technical owners (standards, baselines, procedural controls, and compliance reporting) and maintain audit‑ready documentation.

Security Awareness and Phishing Simulation Program Ownership

  • Own enterprise security awareness program strategy, annual plan, and compliance tracking, including completion rates, effectiveness measurement, targeted campaigns, and culture alignment.
  • Own the phishing simulation and testing program, including scenario design cadence, targeting strategy, results reporting, and continuous improvement actions.

Audit and Compliance Program Operations

  • Coordinate internal and external audits and assessments (SOX, PCI‑DSS, NIST‑aligned assessments, penetration tests, and targeted control audits), including evidence management and stakeholder coordination.
  • Build and maintain compliance reporting (dashboards, metrics, KRIs/KPIs, issue tracking) to provide transparency into compliance status, risks, and remediation progress.
  • Provide gap analysis between security policies, standards, regulations, and actual practices, processes, and solutions. Recommend actions to management and track remediation.
  • Partner with IT and business partners to prioritize and drive process improvements that remediate or mitigate control gaps and compliance findings.

Change Governance / CAB

  • Coordinate weekly CAB meetings and drive Change Control processes to ensure SOX and security control requirements are met, including documentation, evidence, and audit alignment with existing change control policy.

Incident Response Support

  • Support incident response by advising on compliance and control impact, evidence retention, and audit trail requirements, in partnership with Security Operations.
Qual…