Sr. Compliance Program Manager
Oakland, California, United States, AMER
Fivetran
Effortlessly centralize all the data you need so your team can deliver better insights, faster. Start for free.From Fivetran’s founding until now, our mission has remained the same: to make access to data as simple and reliable as electricity. With Fivetran, customer data arrives in their warehouses, canonical and ready to query, with no engineering or maintenance required. We’re proud that more organizations continue to leverage our technology every day to become truly data-driven.
About the Role
The Fivetran information security organization is a motivated and innovative team responsible for ensuring the continuous integrity, confidentiality, and availability of customers’ data. Our customers trust us with all their most sensitive information, and we consider maintaining that trust to be a critical, core component of our product and business.
Fivetran is seeking a motivated candidate for a Compliance Program Manager of the Security Team. The role requires a control-focused audit professional with fair knowledge and expertise in IT systems and infrastructure. Excellent communication skills are critical, as well as the ability to influence across functions and various levels will be preferred. The position reports to the Sr. Manager, GRC.
Acts independently to plan, lead and execute audits designed to test and evaluate the Company's security and IT internal control processes. Understands technology concepts, operating process flows, identifies areas of risk (both IT and business), and develops value added solutions that mitigate risk and enhance operational performance. Responsible for compilation and presentation of audit reports. Serves in a leadership role, managing the processes and tasks of other audit personnel on the team.
Acts as a subject matter expert within specific responsibility area(s) and applies internal audit best practices and keeps current with applicable rules and regulations for HITRUST or FedRamp, as well as any authoritative pronouncements issued by relevant governing bodies. Advanced security risk or audit certifications are required and leading cybersecurity certifications are preferred.
Technologies You'll Use
- GRC tool (Drata), Okta, GCP, AWS, Azure, Github, Workday
What You'll Do
- Lead the planning and execution of audits (PCI-DSS, ISO 27k1, SOC 1&2) that evaluate the adequacy and effectiveness of information technology/security, financial and operational control activities to develop recommendations for the correction of control deficiencies and improvements in operational efficiencies.
- Assist in the implementation of new frameworks (HITRUST, FedRamp) and after in place will maintain and monitor the framework to ensure Fivetran is in compliance.
- Leads team members in the preparation and review of audit reports to ensure accuracy and quality of recommendations. Independently communicates results with all levels of management.
- Performs complex analysis in order to gain insight to make appropriate recommendations to management.
- Coordinate with co-source providers, external auditors, internal leaders, and process owners to ensure engagement and timely execution of audit work.
Skills We're Looking For
- Experience in Security Audit & IT audit (PCI-DSS, SOC 1&2, ISO 27k1), and risk management processes.
- Understanding of compliance frameworks including: HITRUST or FedRamp
- Knowledge of, or experience working with, Cloud technologies/environments, such as GCP, AWS, and Azure.
- Strong technical problem solving and analytical skills
- Team player who takes initiative and works constructively with others to achieve team goals
- Project management and organization skills, including attention to detail
- Strong presentation, written, and interpersonal communication skills
- Understanding in compliance frameworks: NIST, ISO, SOC, PCI-DS, NIST 800-53
We’re honored to be valued at over $5.6 billion, but more importantly, we’re proud of our core values of Get Stuck In, Do the Right Thing, and One Team, One Dream.
Fivetran brings together high-quality talent across the globe to make data access as easy and reliable as electricity for our customers. We value and recognize that our customers benefit from having innovative teams made of people from many backgrounds, experiences and identities. Fivetran promotes diversity, equity, inclusion & belonging through attracting, recruiting, developing and retaining a diverse workforce, not only because it is the right thing to do, but because it helps us build a world-class company to better serve our customers, our people and our communities.
To learn more about Fivetran’s culture and what it’s like to be part of the team, click here and enjoy our video.
To learn more about our candidate privacy policy, you can read our statement here.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS Azure Cloud Compliance FedRAMP GCP GitHub HITRUST NIST NIST 800-53 Okta Privacy Risk management SOC SOC 1
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open IPS-related jobs