Program Manager- Governance, Risk, & Compliance

US Remote

ConnectWise

Software tools, services, and a community of peers to help MSPs grow and manage their business. Get RMM, UMM, SOC, NOC, Cybersecurity - all in one integrated platform.


ConnectWise is an industry-leading global software company with over 3,000 colleagues in North America, EMEA and APAC. As a community-driven software company dedicated to the success of technology solution providers, our suite helps over 45,000 of our partners manage their businesses better, sell more efficiently, automate service delivery, and remotely control technology so they can consistently deliver amazing customer experiences.

Our company is powered by our connections, our colleagues, and our community. And, we accept all kinds.

Game-changers, innovators, culture-lovers—and humankind.

We invite discovery and debate. We recognize key moments as milestones.

We see you and value you for your unique contributions. Our inclusive, positive culture lays the foundation to ensure every colleague is valued for their perspectives and skills, giving you the choice of how YOU make a difference.

Curious? Read this opportunity to learn how YOU can make a difference at ConnectWise!

General Summary:

The Program Manager- Governance, Risk, & Compliance is responsible for evaluating, monitoring, and maintaining the ISO 27001/ISO 27701 program. This role will perform risk evaluations that include initiating risk assessments, collecting and reviewing audit reports and certifications, maintaining risk profiles, evaluating controls, and assisting with evaluating contracts. This role works in partnership with the Information Security, Engineering, Partner Support, and other cross-functional teams to support the organization through the oversight of controls to support the retention and generation of revenue within the company.

Essential Duties & Responsibilities:

  • Provides support to the Information Security team, with a high attention to detail.
  • Researches, analyzes, and documents findings.
  • May coach and review the work of other team members.
  • Performs rigorous evaluations of new and existing controls following consistent and repeatable methodologies.
  • Identifies and evaluates the impact of risks.
  • Oversees timely resolution of risk management issues, control gaps, and mitigation as needed to maintain the ISO 27001/ISO 27701 compliance program and monitor customer compliance requirements.
  • Supports internal audit activities as needed to ensure program effectiveness.
  • Supports continuous improvement of the risk assessment and procurement process for suppliers and vendors.
  • Identifies opportunities for automation within the compliance and ISMS program.
  • Supports internal and external audit activities.
  • Reports on ISMS metrics on an ongoing basis.

Knowledge, Skills, and/or Abilities Required:

  • Ability to manage projects and processes independently with limited supervision.
  • Advanced knowledge of applicable work area.
  • Ability to situationally adapt and understand new technology/processes as per business requirements.
  • Ability to collaborate with other stakeholders and work in partnership with external auditors and multiple business units simultaneously.
  • Strong communication skills with the ability to prepare and present well-written papers, briefings, and other materials to senior leadership across the organization.
  • Demonstrated ability to form coalitions amongst disparate groups, with the ability to produce thorough and precise documentation.
  • Ability to work independently and collaboratively with teams that are geographically distributed.
  • Ability to manage multiple activities and events simultaneously, with a strong ability to prioritize multiple tasks.
  • Practical knowledge of ISO 27001, ISO 27701.
  • Practical knowledge of GDPR, and European data privacy and information security issues.
  • Strong and sound decision-making skills.
  • Familiarity with PCI DSS, SOC, ISO, and NIST industry frameworks.

Educational/Vocational/Previous Experience Recommendations:

  • Bachelor’s degree in related field or equivalent business experience.
  • 5+ years of relevant experience.
  • Preferred: current security certifications (e.g. CISSP, CISM, CIPP, CISA certification or equivalent).
  • Preferred: experience in the software or technology service industry.
  • Preferred: experience in enterprise risk, ISO 27001 auditor, or GDPR.
  • Preferred: experience with GRC SaaS tools.

Why ConnectWise:

  • Recognized as a Top Workplace in 2023.
  • Diverse Employer Award for 2024.
  • Company Paid Benefits.
  • Mental Health Advocate.
  • Masters Assistance Program.
  • Career Development and Growth Opportunities.

Working Conditions:

  • If located within 40 miles of Tampa, FL or Pittsburgh, PA: Hybrid (2-3x in office/week).
  • Located Elsewhere: Remote.
  • Up to 10% travel required.

ConnectWise is an Equal Opportunity Employer, dedicated to building a diverse and inclusive workforce and providing a workplace free from discrimination and harassment. ConnectWise provides equal employment opportunities to all employees and applicants without regard to race, ethnicity, color, religion, age, sex (including pregnancy), sexual orientation, gender, gender identity or expression, ancestry, national origin, citizenship status, physical or mental disability, genetic information, military/veteran status, marital status, familial or parental status, or any other characteristic or status protected by applicable federal, state and local laws.

The statements above are intended to describe the general nature and level of work being performed by individuals assigned to this job. Other duties may be assigned as needed. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions of the job and/or to receive other benefits and privileges of employment. If you need a reasonable accommodation for any part of the application and hiring process, please contact us at talentacquisition@connectwise.com or 1-800-671-6898.


Tags: Automation CIPP CISA CISM CISSP Compliance GDPR Governance ISMS ISO 27001 Monitoring NIST PCI DSS Privacy Risk assessment Risk management SaaS SOC

Perks/benefits: Career development Health care Startup environment Team events

Regions: Remote/Anywhere North America
Country: United States