Compliance Manager

As Compliance Manager, you will play a key role to build scalable and efficient processes related to controls, risks, corrective actions, product compliance, and the overall compliance framework. You will work with all functions of this fast-paced, rapidly changing business, and directly with key stakeholders to drive continuous improvement, communication and education with Symplast’s internal and external customers.

Responsibilities:

• Manage a strategic and comprehensive compliance program, including appropriate IT management controls and procedures
• Develop and maintain a consistent, repeatable process for identifying risks, qualitatively and quantitatively risk assessments, determining risk treatment, and managing associated findings and remediation plans. Scope of risk management domain includes, but is not limited to, asset risk management, third party risk management, and security/privacy risk management 
• Enforcement of the overall Governance, Risk, Compliance program 
• Responsible for continuous monitoring, remediation, and reporting of controls to management and coordination across functional teams to remediate and close the control gaps
• Maintain evidence documentation across internal stakeholders for a repeatable process
• Collaborate with internal and external stakeholders to understand risks to critical infrastructure by defining potential business impacts
• Support both regulatory and customer audits
• Build relationships with internal and external stakeholders
• Accurately and effectively communicate our compliance position and programs to customers 
• Serve as an information resource to the organization regarding the release of compliance information and related issues
• Manage and deliver the on-time completion of ISO?, NIST?, PCI? HIPAA, SOC for Service Organizations, SOX audits
• Improve processes and procedures related to audit and customer assurance
• Manage vendor risk management and vendor onboarding process
• Work with the team to maintain and annually review security policies

Qualifications:

• Bachelor's degree from an accredited college/university or equivalent professional experience
• 4 years’ experience in Governance, Audit, Compliance or Information security, some of which in a leadership role
• Experience with IT Risk Management principles including industry leading practices, industry frameworks, and processes
• Experience using any Agile methodologies is a plus
• Experience working for a SaaS or other technology service provider
• Experience auditing cloud services and infrastructures
• Background in planning, scoping and managing audits in an ISO?, NIST?, PCI? HIPAA, SOC for Service Organizations, SOX audit environment
• Experience with customer assurance and a vision for streamlining customer assurance processes
• Comfortable with reviewing contracts and privacy documents
• Flexible and adaptable to changing situations.
• Ability to work independently and collaboratively with other teams to achieve goals and represent the business.
• Ability to remain objective in balancing business needs and risk.