As a member of the team, you’ll have the opportunity to advise on system implementations, product launches and other business initiatives. You will support compliance initiatives throughout a fast paced dynamic startup environment. You’ll collaborate regularly with the operations, security, and development teams to complete a variety of engaging projects that assess enterprise technology risk. If you are a self-starter, with an appetite to learn and play a vital role in the growth of our compliance team, then this role is for you.
What You'll Do:
- Develop and maintain information security policies, procedures, standards and guidelines based on best practices and regulatory and legal compliance
- Creates, manages and conducts workforce information security
- Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, frameworks such as requirements to comply with SSAE 16 SOC I & II, ISO 27001, NIST/FedRamp etc.
- Remediate internal controls related to IT, security, operations, and engineering
- Work with internal stakeholders to complete internal audit requirements
- Work with external auditors to assist in the completion of annual compliance audits
- Assist with user access/identity management reviews from automated and manual systems
- Performs other duties as assigned or necessitated by business, regulatory or emergency situations
What We Expect:
- Bachelor's Degree required in Management Information Systems, Business or Accounting, or other related field
- 2-3 years of professional experience in a technology risk or compliance related role
- Big 4 experience preferred
- 2+ years experience with one or more of the internal controls frameworks (PCI, NIST 800-53, DoD STIGs, SSAE 18 (SOC), ISO 27001, MS-SDL, SOX)
- CPA, CISA, CISSP, or other related technology governance certifications a plus