Security Risk and Compliance Management Specialist IV (Remote)

United States - Remote

Applications have closed

Rackspace

As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.

Rackers: Valued members of a winning team

Our employees, affectionately called “Rackers,” are our true strength and differentiator. As valued members of a winning team on an inspiring mission, Rackers make a real difference for our customers. It’s why we’re frequently recognized as an employer of choice by global industry-leading programs, including Great Place to Work, Forbes and Fortune. They embody our Core Values, demonstrating that Fanatical Experience is:

· Excellence. We are an accountable, disciplined, high-performing company with proven results.
· Customer-driven. We are proactive, collaborative and committed to success for our customers.
· Expertise. Rackers are passionate learners who are embedded in our customers’ businesses to provide unbiased solutions.
· Agility. We adopt new technologies and evolve services to meet customers where they are in their journey.
· Compassion. We’re one team doing the right thing for our customers, communities, and each other.

Position Overview: As our Security Risk and Compliance Management Specialist IV you’ll act as an advocate in development of overall information security program globally. You’ll also create and perform global IT Risk and Compliance assessments. You’ll have the opportunity to assist in development and execution of information security, compliance, and risk best practices globally through audits, assessments, and policymaking.

Work Location: Work may be performed remotely from anywhere within the 48 continuous United States.

Key Duties and Responsibilities:

· Leads cross-functional team members in strategy development and implementation of risk framework and compliance solutions.
· Independently performs complex and often unique work assignments and problem resolution.
· Serves as the subject matter expert to ensure documents, projects, process, and product initiatives comply with regulatory and legal requirements and enterprise policy.
· Oversees implementation of operational and non-operational risk management programs by providing guidance and assistance to business units with the identification, evaluation, understanding, management, and communication of risk.
· Provides data and analytics in support of the risk officer and risk committees.
· Directs analysis and root cause identification.
· Develops and recommends compliance solutions impacting the enterprise.
· Develops Risk Assessment process, charters, policies, methodologies, and reports.
· Leads cross-functional workgroups, communication strategies, and planning meetings to develop solutions that meet the objectives of both the business and the IT Risk, Compliance, and Information Security team.
· Develops appropriate data and analytics that deliver appropriate data to communicate risk at the executive level.
· Develops training and communication of Information Security, IT Risk, and compliance. Maintains expert knowledge of the competitive/regulatory landscape and company's key challenges.
· Coordinates and responds to regulatory requirements and requests, and ensures the execution of examinations.
· Conducts IT Risk and Information Security due diligence activities relative to vendors and third parties.
· Conducts risk assessments and documents findings where the deviation from an information security or IT Risk policy or standard is desired.
· Ensures risk remediation plans meet key business objectives and partners with the business owners to follow through with corrective action steps.
· Provides subject matter expertise on areas of security, privacy and regulatory compliance to Sales, Marketing, Product Development, Legal and Policy teams.
· Conducts detailed analysis of risk rating, risk appetite, and provides data driven summaries to business leaders.
· Documents and provides detailed analysis of findings where deviations exist through internal or external testing. Assists policy personnel in technical conversations with policy makers, industry bodies and other third-parties to advance Rackspace’s message.
· Provides feedback to product management in the development of trust-related features, and supports regional security and compliance accreditation projects.
· Develops internal control testing and documented processes.
· Updates internal control matrices where necessary to support annual changing environments.
· Adapts and creates processes as applicable, including changes in processes or reporting metrics.
· Executes as the conduit between internal control owners and external auditors, including kickoff meetings, interview requests, closing meetings, and evidence gathering.
· Executes internal customer audits which include scheduling, presentation of the Rackspace compliance portfolio, and overseeing the successful visit in conjunction with Account Managers.
· Responsible for adhering to company security policies and procedures as directed.
· Assists in annual audits for industry specific reports, including ISO 27001, ISO 9001, ISO 14001, ISO 18001, IRAP-AUS, Cyber Essentials+, NHS-DSO, SOC1, SOC2, SOC3, PCI, HIPAA, HiTrust, CyberGRX.
· Conducts annual audits for industry specific reports, including GDPR, FedRAMP, CDSA (applies to government team).

Required Knowledge, Skills, and Abilities:

· Advanced knowledge gained through an IT Risk Management, Governance, Risk and Compliance, Information Security, Data Privacy, Vendor Management, and/or Business Continuity Management role in a global organization, professional services/consulting firm, or within a related industry.
· Understands fundamentals of Network Security, Data Center operations, build pipeline, and cloud infrastructure security.
· Familiarity with Vulnerability Scanners and Robot Process Automation.
· Deep understanding of Cloud Computing technologies and migration challenges.
· Ability to implement security controls, SCTMs.
· Technology/software sales, consulting, or equivalent skills.
· Ability to develop automation processes and controls across multiple business units.
· Ability to apply knowledge of vulnerability management, risk management assessment, and IA policy and procedures to develop, implement, and maintain a secure business environment.
· Demonstrated organizational skills and ability to manage multiple projects at once, drive execution and meet deadlines.
· Strong technical writing and verbal communication skills and the ability to present analysis and conclusions with clarity and professionalism to all levels of management.
· Proficiency with MS Word, MS Excel, MS PowerPoint and MS Visio.

Experience/Education:

· At least 8 years of related experience, including at least 6 years of experience managing matrixed teams is required.
· High school diploma or equivalent required. Bachelor’s degree in Computer Science, Computer Studies, Information Technology, Information Security or a related field is preferred.
· Security certification for IAM and IAT III, and CISSP preferred. Java, C++, Python, JavaScript, Network+, CCNP, ISA, CAP, CISA, ITIL, GRCP, CRISC, ISSEP, GCED, GCIA and/or CGEIT certifications preferred.

Pay/Benefits: The following information is required by the Colorado Equal Pay Transparency Act and applies only to individuals working in the state of Colorado. The anticipated starting pay range of Colorado applicants for this role is $96,100 - $124,600. Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, licenses and certifications, and specific work location. Information on benefits offered is here: https://rackspace.jobs/benefits/

About Rackspace Technology

We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.

More on Rackspace Technology

Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.

Tags: Analytics Audits Automation C CCNP CISA CISSP Cloud Compliance Computer Science CRISC GCED GCIA GDPR Governance HIPAA HITRUST IAM ISO 27001 ITIL Java JavaScript Network security Privacy Python Risk assessment Risk management SCTM SOC 1 SOC 2 SOC 3 Strategy Vendor management Vulnerability management

Perks/benefits: Competitive pay Team events Transparency

Regions: Remote/Anywhere North America
Country: United States
Category: Compliance Jobs
