Sr. Compliance Program Manager

Oakland, California, United States, AMER

Applications have closed

Fivetran

Effortlessly centralize all the data you need so your team can deliver better insights, faster. Start for free.


From Fivetran’s founding until now, our mission has remained the same: to make access to data as simple and reliable as electricity. With Fivetran, customer data arrives in their warehouses, canonical and ready to query, with no engineering or maintenance required. We’re proud that more organizations continue to leverage our technology every day to become truly data-driven.

About the Role

The Fivetran information security organization is a motivated and innovative team responsible for ensuring the continuous integrity, confidentiality, and availability of customers’ data. Our customers trust us with all their most sensitive information, and we consider maintaining that trust to be a critical, core component of our product and business.

Fivetran is seeking a motivated candidate for a Compliance Program Manager of the Security Team. The role requires a control-focused audit professional with fair knowledge and expertise in IT systems and infrastructure. Excellent communication skills are critical, and the ability to influence across functions and various levels is preferred. The position reports to the Sr. Manager, GRC.

Acts independently to plan, lead and execute audits designed to test and evaluate the Company's security and IT internal control processes. Understands technology concepts and operating process flows, identifies areas of risk (both IT and business), and develops value-added solutions that mitigate risk and enhance operational performance. Responsible for compilation and presentation of audit reports. Serves in a leadership role, managing the processes and tasks of other audit personnel on the team.

Acts as a subject matter expert within specific responsibility area(s), applies internal audit best practices, and keeps current with applicable rules and regulations for HITRUST or FedRAMP, as well as any authoritative pronouncements issued by relevant governing bodies. Advanced security risk or audit certifications are required and leading cybersecurity certifications are preferred.

Technologies You'll Use

  • GRC tool (Drata), Okta, GCP, AWS, Azure, Github, Workday

What You'll Do

  • Lead the planning and execution of audits (PCI-DSS, ISO 27k1, SOC 1&2) that evaluate the adequacy and effectiveness of information technology/security, financial and operational control activities to develop recommendations for the correction of control deficiencies and improvements in operational efficiencies.
  • Assist in the implementation of new frameworks (HITRUST, FedRAMP) and, once they are in place, maintain and monitor them to ensure Fivetran is in compliance.
  • Lead team members in the preparation and review of audit reports to ensure accuracy and quality of recommendations. Independently communicate results with all levels of management.
  • Perform complex analysis to gain insight and make appropriate recommendations to management.
  • Coordinate with co-source providers, external auditors, internal leaders, and process owners to ensure engagement and timely execution of audit work.

Skills We're Looking For

  • Experience in Security Audit & IT audit (PCI-DSS, SOC 1&2, ISO 27k1), and risk management processes.
  • Understanding of compliance frameworks including: HITRUST or FedRAMP
  • Knowledge of, or experience working with, Cloud technologies/environments, such as GCP, AWS, and Azure.
  • Strong technical problem solving and analytical skills
  • Team player who takes initiative and works constructively with others to achieve team goals
  • Project management and organization skills, including attention to detail
  • Strong presentation, written, and interpersonal communication skills
  • Understanding of compliance frameworks: NIST, ISO, SOC, PCI-DSS, NIST 800-53

We’re honored to be valued at over $5.6 billion, but more importantly, we’re proud of our core values of Get Stuck In, Do the Right Thing, and One Team, One Dream.

Fivetran brings together high-quality talent across the globe to make data access as easy and reliable as electricity for our customers. We value and recognize that our customers benefit from having innovative teams made of people from many backgrounds, experiences and identities. Fivetran promotes diversity, equity, inclusion & belonging through attracting, recruiting, developing and retaining a diverse workforce, not only because it is the right thing to do, but because it helps us build a world-class company to better serve our customers, our people and our communities.



Tags: Audits AWS Azure Cloud Compliance FedRAMP GCP GitHub HITRUST NIST NIST 800-53 Okta Privacy Risk management SOC SOC 1

Region: North America
Country: United States