Senior GRC (Governance, Risk & Compliance) Program Manager

Senior GRC Program Manager

Say hello to possibilities.

It’s not everyday that you consider starting a new career. We’re RingCentral, and we’re happy that someone as talented as you is considering this role. First, a little about us, we’re the $2 billion global leader in cloud-based communications and collaboration software. We are fundamentally changing the nature of human interaction—giving people the freedom to connect powerfully and personally from anywhere, at any time, on any device. 

Essential Job Functions: 

• Manage security trust and compliance projects end-to-end, from design phase to project closure

• Program management of ongoing security programs such as DOT Network Security Audit, Risk Assessment and PCI, to ensure ongoing program success

• Communicate program updates, progress and timelines to stakeholders and upper management on a regular basis.

• Develop project timelines, roadmaps and milestones for multiple projects and project tracks

• Assessing and verifying overall security posture, for organizational policy on security and security management of networks

• Analyze security controls and compliance requirements for various frameworks such as 3GPP, ISO 27001, ISO 15408,SOC2, HIPAA, HITRUST, PCI/DSS and Privacy Impact Assessments.

• Assess effectiveness of security controls. Design, implement and automate effectiveness testing and efficacy measurements.

• Work with product, regulatory, privacy, security, engineering, operations, sales, and marketing teams to develop strategy for various market segments and verticals in India. and abroad 

• Work closely with external advisors to understand, design and implement controls.

• Perform planning/scoping and liaising with auditors and manage related audits.

• Ensure that the necessary documentation, ATOs, and agreements are in place with third parties.

• Develop compliance measurements and metrics to report up to line management and executive management. 

Qualifications: 

• Bachelor degree required; bachelor degree in Computer Science, Information Security, or related field is preferred.

• Minimum 8 years experience in the field of Information Security, Audit and/or Compliance is required.

• Minimum 2 years of program management experience is required.

• Expert level knowledge of various security frameworks and ability to determine measures that will satisfy controls, design controls and determine solutions that will address control requirements across current and future frameworks.

• Expert level knowledge of the NIST 800-53 framework is required. Strong knowledge of one or more additional security frameworks from the following list is also essential for this role (ISO 27001, CIS Critical Controls, HIPAA, HITRUST, PCI, FINRA, ASD Strategies to Mitigate Cyber Security Incidents, UK Cyber Essentials).

Leadership Competencies: 

• Project Management - Plan and manage several projects to meet compliance and security requirements. Effectively communicate with other teams at RingCentral during the entire project cycle.

• Purchasing and Vendor Management - Work with the Sr. Manager to ensure proper budgetary, procurement and legal processes are followed to implement plans; manage relationships with vendors and consultants throughout the procurement and execution of projects.

• Program Management – Organize programs and activities in accordance with the mission and goals of the organization. Develop new programs to support the strategic direction of the organization. Produce accurate and timely reporting of program status throughout its life cycle. Analyze program risks.

About RingCentral

RingCentral’s work culture is the backbone of our success. And don’t just take our word for it: we are recognized as a Best Place to Work by Glassdoor, the Top Work Culture by Comparably and hold local BPTW awards in every major location. Bottom line: We are committed to hiring and retaining great people because we know you power our success.

RingCentral, Inc. (NYSE: RNG) is a leading provider of business cloud communications and contact center solutions based on its powerful Message Video Phone™  (MVP™) global platform. More flexible and cost effective than legacy on-premises PBX and video conferencing systems that it replaces, RingCentral® empowers modern mobile and distributed workforces to communicate, collaborate, and connect via any mode, any device, and any location.

RingCentral is headquartered in Belmont, California, and has offices around the world.

RingCentral is an equal opportunity employer that truly values diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.