Information Security Compliance Manager

Uniphore is the global leader in Conversational Service Automation. The Company’s vision is to disrupt an outdated customer service model by bridging the gap between human and machine using voice, AI and automation to ensure that every voice, on every call, is truly heard. Uniphore enables businesses globally to deliver transformational customer service by providing an automation platform where digital agents take over transactional conversations from humans, coach agents during calls, and accurately predict language, emotion and intent. All in real-time. With Conversational Service Automation, enterprises can now engage their customers to effectively build loyalty, improve customer experience and realize operational efficiencies.
The Role:You will play a key role in supporting the security compliance and governance function to promote a pragmatic and effective compliance program. This includes creating and developing scalable and repeatable processes to meet PCI-DSS, ISO 27001/27701, SOC 1 and SOC 2+, HIPAA, HiTrust, GDPR , FedRamp and other regulatory requirements.

Key Responsibilities

• Develop information security compliance and audit strategies that support an agile and fast growing company.
• Responsible as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies.
• Facilitate managing the company's existing security certification lifecycle and help acquire new certifications per the company's business and compliance needs.
• Coordinate and reply to internal and external audits related to information security.
• Responsible for managing Internal audit/reviews for ISMS controls and coordinating remediation
• Manage periodic reviews of security policies, processes, and procedures
• Coordinate the information security assessments with 3rd parties (suppliers, customers)
• Recommend, drive, and implement improvements to the Company’s Information Security Risk Management program.
• Develop and maintain risk register contents and underlying workflows to track identified risks, risk owners and action plans for risk remediation.

Qualification and Experience

• Bachelor’s Degree in Computer Science, Computer or Systems Engineering, or equivalent
• Minimum of 5 years of experience in related position
• Information Security Certification (e.g. CISSP, CISM, CRISC, etc)
• Solid knowledge of security on networking, cloud, infrastructure configuration, end-point protection and SDLC
• Demonstrated success implementing and maintaining Information Security control frameworks and standards such as ITIL, ISO27001, NIST CSF / 800-53, PCI DSS, SOC 2, HIPAA and GDPR
• Strong knowledge of audit and risk management methodologies, such as COBIT, NIST 800-37/800-30, FAIR.
• Excellent written and verbal communication skills and ability to interface with all levels of business. Experience working with non-IT business units/departments, helping to implement security strategies and solutions and ability to translate concepts into simple terms.
• Information security consulting experience or substantial cross-functional responsibilities

Uniphore is an equal opportunity employer committed to diversity in the workplace. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, disability, veteran status, and other protected characteristics. For more information on how Uniphore delivers business value using Conversational Service Automation, please visit www.uniphore.com