Cyber Security & Compliance Manager

WorkSpan is the #1 partner ecosystem management platform. That is, we help companies connect and collaborate with their business partners on a live network with cross-company business applications to build, market, and sell together. Companies can securely exchange data with trusted partners and have real-time visibility and insights. Our customers are large technology enterprises including Microsoft, SAP, Cisco, VMware, etc.

We are looking for a Cyber Security and GRC Manager. Your focus will be on key features with SaaS and Cloud Security align with the product roadmap and overall vision of the company.

You will report to CISO; you will be the subject matter expert on GDPR, ISO, and SOC and are expected to operate independently as a leader within those domains You will work closely with IT, Site Reliability Engineering, product, and other business units to ensure regulatory control requirements are translated into security practices and standards. 

Responsibilities:

• Perform security risk assessments to identify gaps, come up with recommendations and drive the gaps to completion
• Create and maintain ISMS policies
• Setup Internal audit processes for various security needs
• Understanding and ability to implement SOC 2, ISO 27001 controls across an organization
• Perform internal audits, keep the necessary documentation reviewed and updated as required for audits
• Perform/Create annual and onboarding training to educate personnel and re-iterate security and compliance requirements
• Respond to security assessment questionnaires from customers
• Project management - Initiate and drive complex security projects requiring various stakeholders
• Participate in periodic security testing activities (e.g. penetration testing, DR exercises) and prioritize and manage response activities.
• Documentation of the organization's security procedures
• Suggest areas of investment for tooling to mitigate risk

Required Skills and Experience

• Bachelor’s degree or Master's degree in Cybersecurity, Management, Business, Computer Science, Systems Engineering, or other Information Technology discipline 
• 5+ years of experience in various frameworks and standards for regulatory and security compliance (GDPR, ISO, NIST, COBIT, etc...)
• Experience performing internal audits and interfacing external security audits like SOC2
• Strong understanding of the terminology, concepts, IT controls, and best practices across key risk areas including risk assessment methodologies, identity and access management, cloud/SaaS, application security data loss prevention, networks, systems design and operations, and incident management
• Ability to establish trust with stakeholders and partners
• Effective and clear communication

What We Do and Value

• WorkSpan is the first-ever Ecosystem Cloud - an online platform where companies are working together to build with, market with, and sell with all of their ecosystem partners on a single, secure, connected network. Translation? We help companies partner up to offer awesome joint products & services with the ability to engage, manage & measure at scale.
• Our working atmosphere is positive and collaborative.
• We share information openly and broadly because we believe the best way to empower each other is to actively build trust with transparent, honest, and free-flowing communication.
• We are flexible in our opinions and always open to new ideas.
• We innovate continuously, with a focus on long-term success.
• We know it takes people with different ideas, strengths, backgrounds, cultures, weaknesses, opinions, and interests to make our company succeed. We celebrate our differences and are lucky to have teammates all over the world.

Perks to make you perky

We love to show our teammates that we care deeply about them and their well-being. In addition to our amazing culture, as our teammate you will also enjoy some phenomenal perks and benefits:

• Fun, growing, casual, and inclusive work environment
• Unlimited paid time off - because work-life balance is important;
• Career growth opportunity in a fast-growing company - we want you to evolve towards your best self
• Flexible working hours and work-from-home opportunity
• Medical benefits for you and dependents - we've got you covered
• Happy Hours, Birthday celebrations, Trivia days, and more - we do a ton of fun things together