At Iron Mountain we know that work, when done well, makes a positive impact for our customers, our employees, and our planet. That’s why we need smart, committed people to join us. Whether you’re looking to start your career or make a change, talk to us and see how you can elevate the power of your work at Iron Mountain.
We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways.
Are you curious about being part of our growth story while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation.
Job Summary:
Iron Mountain is seeking an experienced and motivated Senior IT Project/Program Manager to join our Enterprise IT (EIT) Governance, Risk, and Compliance (GRC) team.
In this remote UK role, you will be responsible for ensuring enterprise-wide adherence and compliance with internal policies, external regulations, and industry-leading frameworks.
You will proactively manage risks, coordinate incoming audit requests for IT General Controls (ITGC), and build critical bridges between IT Operations, Information Security, and our broader business partners.
What You'll Do (Responsibilities):
In this role, you will:
- Lead GRC Programs & Certifications: Create and manage structured programs designed to maintain EIT environments in constant preparation for successful re-certification and complex compliance inspections.
- Coordinate Audit Support & Remediation: Collaborate directly with internal and external audit teams to provide proper evidence of control for ITGC (e.g., SOX, SOC 2, FFIEC, Country Regulatory Audits). Coordinate engagement teams to manage the quality and implementation of remediation actions for IT-related findings.
- Drive Risk Mitigation & Control Implementation: Proactively identify potential risks within the EIT environment using a risk-based approach. Design and implement controls to mitigate risks, such as managing Identity Access Management (IAM) or overseeing the lifecycle management and retirement of non-strategic hardware and software.
- Optimize Processes & Define Metrics: Create, optimize, and maintain sustainable and repeatable IT governance procedures. Partner across EIT to define Metrics & KPIs that support regular monitoring of IT systems (e.g., vulnerability management and advancing toward CMMI maturity goals).
- Report & Foster Awareness: Prepare and distribute regular status reports summarizing risk assessments and compliance status for management and stakeholders. Partner with Information Security to deliver educational content that fosters a culture of compliance awareness and accountability.
What You'll Bring (Skills & Qualifications):
The ideal candidate will have:
- Security Clearance: Must have a current UK Government clearance or the eligibility to successfully pass UK Government Clearance.
- Education & Certifications: A Bachelor's degree from a four-year college or university. A Project Management Professional (PMP) certification is preferred (but not required). Desired additions include CSM, ACP, 6-SIGMA, PgMP, or ITIL.
- Methodology Expertise: Strong knowledge and proven execution of project/program management methodologies including PMBOK, PRINCE2, SCRUM, Agile, Hybrid, Waterfall, LEAN, or Kanban.
- Framework & Standard Expertise: Strong understanding of IT infrastructure, security controls, and management frameworks (e.g., Sarbanes-Oxley (SOX), PCI-DSS, ISO-2700X, NIST, NIST-CSF, COBIT, SANS, ITAF, IIA, CMMI, and SDLC methodologies).
- Audit & Translation Capability: Exceptional ability to translate ambiguous or complex evidence-of-control requests from external auditors into clear, actionable data and presentation formats that EIT teams can provide.
- Stakeholder & Communication Skills: Excellent communication, analytical, and interpersonal skills to seamlessly bridge the gap between technical IT operations and non-technical stakeholders, driving consensus in cross-functional environments.
What We Offer (Benefits):
- Flexible work options: This is a 100% remote position based in the UK
- Competitive compensation and benefits aligned with experience
- Comprehensive health, wellness, and retirement plans
- Robust opportunities for continuous learning, training certifications, and professional growth
#LI-REMOTE
Category: Project/Program Management GroupSkills Required
- Current UK Government security clearance or eligibility to successfully obtain one
- Bachelor's degree from a four-year college or university
- Proven experience leading GRC programs and certification efforts (SOX, SOC 2, FFIEC, regulatory audits)
- Experience coordinating audit support, evidence-of-control, and remediation for ITGC
- Strong knowledge of IT security frameworks and standards (ISO-2700X, NIST/NIST-CSF, PCI-DSS, COBIT, CMMI)
- Experience with Identity and Access Management (IAM) and lifecycle management of hardware/software
- Proven ability to translate complex auditor requests into actionable evidence and deliverables
- Strong stakeholder management, communication, and cross-functional collaboration skills
- Familiarity with project/program methodologies (PMBOK, PRINCE2, SCRUM, Agile, Hybrid, Waterfall, Lean, Kanban)
- PMP certification
- CSM, ACP, 6-SIGMA, PgMP, or ITIL certifications
Iron Mountain Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Iron Mountain and has not been reviewed or approved by Iron Mountain.
-
Inclusive Benefits Coverage — Inclusive, modern offerings are emphasized, including support for mental health, gender‑affirming care (with travel/lodging where needed), and family‑planning benefits. Recognition for disability inclusion is also highlighted, which aligns with accessible benefits and leave support.
-
Retirement Support — A formal 401(k) program is described with automatic enrollment and a clear employer match structure, with immediate vesting referenced in the materials. Access to supporting infrastructure and guidance is noted through dedicated benefits portals and administrators.
-
Healthcare Strength — Multiple national medical plan options are outlined, along with care navigation, virtual primary care, and pharmacy coverage. Additional wellbeing support is described via EAP services and structured wellbeing programming.
Iron Mountain Insights
What We Do
Iron Mountain Incorporated (NYSE: IRM) is the global leader for storage and information management services. Trusted by more than 220,000 organizations around the world, Iron Mountain boasts a real estate network of more than 80 million square feet across more than 1,350 facilities in 45 countries dedicated to protecting and preserving what matters most for its customers. Iron Mountain’s solutions portfolio includes records management, data management, document management, data centers, art storage and logistics, and secure shredding help organizations to lower storage costs, comply with regulations, recover from disaster, and better use their information. Founded in 1951, Iron Mountain stores and protects billions of information assets, including critical business documents, electronic information, medical data and cultural and historical artifacts.
Gallery
.png)
