Data Security/ Compliance
Manager, Risk Management
- Develop and lead EU Issue Management team
- Manage issues by performing root cause analysis to determine potential control breakdowns and gaps.
- Identify and partner with Subject Matter Experts (SMEs) to develop appropriate remediation plans per formalized issue.
- Input issues into Issue Management tool and monitor remediation plans to closure.
- Request timely extensions from Executive Management for issues that will not meet due date timeframes.
- Coordinate and seek appropriate timely approvals for risk acceptances.
- Map current controls to issues and risks in Issue Management tool.
- Develop Executive Dashboards including trend data for monthly reporting to Executive Management.
- Develop and maintain policy and procedural documents as well as training materials for all things EU Issue Management.
- Continuous learning of European security and compliance regulations requirements
- Prior experience with prioritizing, resourcing and managing teams.
- 7+ years prior work experience in a SaaS/Cloud company Security and Compliance group or Security & Risk practice of a Big 4 firm
- Direct and recent work experience with at least two of the following compliance programs: ISO 27001, ISO 9001, SSAE16, SOC2, HIPAA, GDPR and PCI.
- Working knowledge of European and Asia Pac compliance or information security certification and controls
- Prior experience with GRC systems
- Ability to understand the intent of compliance requirements to provide effective and meaningful analysis
- Ability to work cross-functionally and engage in effective risk dialogue and question stakeholders appropriately
- Ability to stay relevant and be on the leading edge of regulatory changes that impact our business model
- Excellent report writing skills, ability to prepare and present reports and associated metrics
- Excellent verbal and written communication skills
- Self-starter
- Relevant professional certifications such as CISA, CISM, CRISC, CIA, CISSP preferred.
