Security Compliance Manager

Posted:
2/11/2024, 5:50:54 PM

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security ⋅ Legal & Compliance

Job Description:

We are actively seeking a seasoned Security Compliance Manager to join our security team. With a strong foundation in governance, risk, and compliance (GRC), the ideal candidate will bring over 10 years of experience in developing and managing comprehensive compliance programs within a dynamic corporate environment. This role is pivotal in ensuring that our company adheres to legal standards, industry regulations, and best practices while maintaining the integrity and security of our systems and data.

Responsibilities:

  • Develop, implement, and oversee a robust compliance framework that aligns with company objectives and regulatory requirements.

  • Conduct thorough risk assessments and audits, identifying potential compliance risks and implementing mitigation strategies.

  • Collaborate with various departments to ensure compliance initiatives are integrated into business processes and that all staff are educated on relevant regulations and standards.

  • Manage the preparation and submission of audit and compliance reports to internal and external stakeholders.

  • Stay abreast of changes in the regulatory landscape and adjust compliance strategies accordingly.

  • Lead the response to any compliance violations, including the development of corrective action plans and the implementation of changes to prevent future occurrences.

  • Serve as the primary point of contact for regulatory bodies and external auditors.

  • Develop and maintain policies and procedures to support compliance with applicable laws, regulations, and standards such as GDPR, SOC 2, CCPA, and others.

  • Maintain CSA CAIQ.

  • Oversee our internal security awareness and phishing simulation program.

Qualifications:

  • Bachelor's or Master's degree in Law, Business Administration, Information Security, or a related field.

  • A minimum of 10 years of experience in a GRC-focused role, with a proven track record of managing compliance programs.

  • Strong understanding of IT security principles and technologies, as well as experience with cloud computing environments.

  • Familiarity with international and domestic compliance regulations, cybersecurity frameworks, and industry best practices.

  • Professional certifications such as CISA, CRISC, CGEIT, CISSP, or similar are highly desirable.

  • Excellent organizational, analytical, and problem-solving skills.

  • Exceptional communication and interpersonal abilities, with the skill to effectively convey complex compliance issues to stakeholders at all levels.

  • Demonstrated leadership capabilities with experience managing teams and cross-departmental projects.

Additional Requirement:

  • This position requires the flexibility to work at least half the day in US hours to ensure effective collaboration with leadership and global team members. The ability to manage time across multiple time zones is essential for success in this role.

This role offers the opportunity to take on a leadership position within our security team, shaping the compliance posture of our organization. If you are a seasoned professional with a passion for GRC and are looking for a challenging role that requires collaboration across US time zones, we invite you to apply.

Pattern is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.