Audit and Compliance Manager

 

Company Summary

Our purpose at CloudHQ is to provide flexible, efficient and resilient data center solutions to businesses of all sizes. Our growing organization was founded by the pioneer of data center REITs. CloudHQ has state-of-the-art data center sites located in two Northern Virginia locations, as well as London, Frankfurt and Paris, and we anticipate exponential growth over the next several years both in the US and abroad. This position is based in Ashburn, VA with accountability for three existing centers, and several under development.

 

This Role

The Audit and Compliance Manager (ACM) is part of the CloudHQ Operations team. The ACM serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of information in compliance with CloudHQ’s information security policies. 

 

The ACM is responsible for maintaining the information security management program, ISO 27001:2013 certification, SSAE 18 attestation, PCI compliance and all related audits.


The candidate shall have experience and a thorough understanding of the requirements and structure of ISO 27001:2013, SSAE 18 and PCI as they apply to data center facilities. The ACM manager shall provide leadership and management of audit and compliance requirements at each data center site. This position will also create and administer training for all site personnel. The ACM will be responsible for obtaining the required certifications and attestation as required and working to ensure compliance with such programs. The ideal candidate for this role will have at least five (5) years of experience in an information security role and at least two (2) years in a supervisory capacity. This position will report to the Vice President of Property Operations.

 

Responsibilities

  • We will entrust you with specific responsibilities including:
  • Serving as the Information Security Manager and regularly report to the ISO Steering Committee
  • Creating and maintaining information security policies and procedures
  • Assisting in selecting and implementing new information security technologies
  • Creating and provide information security awareness training to organization personnel
  • Overseeing information security audits, whether performed by organization or third-party personnel
  • Communicating information security goals and new programs effectively
  • Assessing current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
  • Assisting resource owners and staff in understanding and responding to security audit failures reported by auditors or otherwise identified
  • Managing policies and procedures to meet ISO, SSAE18 and PCI standards
  • Performing reviews of internal and external audits and work with process owners to remediate any non-conformities
  • Working with process owners to obtain documentation, understand processes, discuss potential issues/deficiencies/findings

 

We expect all our team members to be highly motivated to work in an environment that values innovation and understands that the nature of our business sometimes leads to changes in priorities. Your desire for success will ensure that projects are moving forward, with a sense of urgency, regardless of the challenges.

 

Basic Qualifications

  • Minimum of five (5) years’ experience in an information security role and at least two years in a supervisory capacity
  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or other similar Information Security credential related to the audit and/or management of Information Systems Security
  • Expertise in Microsoft Office applications (e.g. Excel, Word, Outlook)
  • Superior organizational skills and attention to detail
  • Outstanding written and verbal communication skills and command of the English language
  • Ability to maintain excellent client and vendor relationships
  • Ability and willingness to respond to emails and phone calls after hours in the event of an emergency
  • A proven record of providing exceptional internal and external customer service
  • Ability to work independently
  • Strong understanding and experience working with Business Process Improvement or Continuous improvement models and processes related to the International Standards Organization (ISO)
  • Knowledge and understanding of relevant legal and regulatory requirements, including GDPR and other data protection regulations

 

This position is physically located in Ashburn, VA with need for regular local travel across data centers in Northern Virginia. Potential for travel outside of the DC Metro area.

 

What we offer

CloudHQ’s people and culture are the most enriching aspects that make us a great place to work. We are strengthened by industry experts who bring extensive knowledge, skill, and experience, leaders who bring vision, innovation and commitment to our people, and an expanding team of individuals who believe in that vision, and bring their best to support their customers and team.

Our employees enjoy competitive compensation and rewarding incentives, comprehensive benefits (medical, dental, vision, life insurance, disability), 11 paid holidays, generous PTO, 401(k) with match, development opportunities, and the ability to closely impact and contribute to the growth of an exceptional organization.

 

Equal Employment Opportunity

CloudHQ is an equal employee opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other legally protected status.

 

This position has been filled. Would you like to see our other open positions?