Information Security Compliance Manager

ControlUp is on the leading edge of innovation, creating solutions that save IT organizations time, money, and stress.Our innovation doesn’t end with our great products! When it comes to our team, we’re leading the pack, too.
GRC (Governance, Risk and Compliance) Manager is responsible for empowering the business, through strategic leadership and tactical excellence in compliance. This position is highly collaborative and champions compliance objectives and initiatives across the enterprise and will be responsible for defining, implementing and leading a compliance function in the company. This role oversees compliance requirements (i.e. SOC2, ISO27001, PCI DSS, HIPAA, NIST, FIPS and others) through strategy development, controls definition and assessment and process oversight.
Specific responsibilities include but are not limited to:- Proactively protect the availability, integrity, and confidentiality of all customer and company data.- Directly responsible for policies, procedures and controls to assure compliance with applicable regulatory, legal and audit requirements as well as good business practices.- Develop a compliance strategy and approach and ensure compliance and contractual requirements and globally recognized standards and guidelines.- Identify regulatory, legislative, and industry-specific compliance requirements and define controls that can be used to meet those requirements.- Act as a compliance officer and serve as the intake on compliance-related inquiries and coordinating with subject matter experts.- Presenting ControlUp security to customers, meetings and other types of communication.- Conduct periodic internal reviews or audits to ensure that compliance procedures are followed.- Assess product, compliance, or operational risks and develop risk management strategies, Discuss emerging compliance issues with management or employees.- File appropriate compliance reports with regulatory agencies and disseminate written policies and procedures related to compliance activities.- Advise internal management or business partners on the implementation or  operation of compliance programs.- Provide employee training on compliance-related topics, policies, or procedures.- Monitor compliance systems to ensure their effectiveness.- Prepare management reports regarding compliance operations and progress.- Design or implement improvements in communication, monitoring, or enforcement of compliance standards.
Required Skills and Experience:- A minimum of 4+ years of hands on compliance experience.- Demonstrated knowledge of industry authoritative sources such as FIPS, FedRAMP, SOC2,    ISO standards, etc.- Orientation with the Software development life cycle. SaaS experience preferred.- Strong interpersonal skills- Knowledge of complex application, network, host and virtual system operations.- Ability to relate business requirements and risks to policy and technology implementation.- Expert level knowledge of risk assessment and remediation methodology, processes and procedures.- Proven ability to manage projects and implementations across organizations.- Strong collaborative approach and ability to effectively interface with technical staff, senior management and customers.- Strong project management experience.