IT Risk and Compliance Manager
Infrascale is committed to delivering industry leading data protection through Backup and Disaster Recovery solutions. We are focused on protecting our customers, taking care of our employees, and building the best technology in the market. We believe every business can have reliable, secure data protection –
come with us on our journey.
What we are looking for:
Infrascale is expanding its presence in the market and is looking for top notch talent to help expand our world class Security and Compliance team. The Manager of IT Risk and Compliance will be responsible for the implementation and management of compliance processes to help Infrascale meet industry standard cloud computing certifications and applicable legal and regulatory compliance requirements with a high concentration on information security. As a part of the compliance team, you will play a strategic role in coordinating, maintaining and executing Infrascale certification & compliance strategy for programs like ISO 27001, PCI, HIPPA, SOC. This position reports to the Director, Security & Compliance and will reside in our Reston, VA or Salt Lake City, UT office.
What you will do:
* Execute certification & compliance roadmap working with cross-functional teams and external auditing agencies
* Accurately interpret, map, and communicate information systems compliance regulations and requirements within the organization, leveraging best practices.
* Conduct internal assessments and audits at planned intervals and on an ad hoc basis to evaluate and validate the design and operational effectiveness of policies, standards, and internal control framework to help reduce risk in the organization.
* Organize and efficiently manage internal audits and external compliance/certification audits for the organization.
* Monitor open audit items from internal audits and external compliance/certification audits to ensure completion of remediation activities defined in the agreed action plans and risk treatment plans.
* Provide the organization with recommendations to improve compliance with policies, standards and external requirements and continually analyzing for opportunities for process optimization.
* Support leadership teams to develop and expand continuous monitoring processes to assess compliance with information security policies and standards, legal and regulatory compliance.
* Provide compliance subject matter expertise support to the sales, product and legal organizations.
What you will bring to the table:
* Bachelors in Information Systems or a related technical field.
* Minimum 5 years of experience working in an information security, information technology or information risk management related field possessing thorough understanding of industry standards and regulations including ISO 27001, PCI, HIPPA, Cloud Star Alliance.
* Experience with compliance programs in a service provider market highly preferred.
* Must possess thorough analytical skills with a strong attention to detail as part of performing internal documentation audits, corporate process reviews and legal requirement evaluations.
* Demonstrated experience in managing compliance programs for financial services organization or organizations with similar information security needs and requirements.
* Familiarity and understanding of broad range of IT technical controls, hardware and software products, cloud computing, or hosting services.
* Demonstrated ability to multi-task, respond to needs quickly and efficiently and prioritize work with a strong attention to detail.
* Ability to work well under pressure and respond to tight deadlines while exercising sound judgment.
* Must be a self-starter and possess the qualities to work efficiently, effectively, and autonomously with no supervision.
* Excellent verbal and written communication skills with ability to work cross functionally and globally to achieve successful outcomes for complex business objectives
* Ability to work independently in a fast-paced environment
* Sense of humor and intellectual curiosity
What you can expect from us:
We offer a competitive compensation package (salary, bonus, stock options), comprehensive group benefits to meet the needs of you and your family, flexibility and time off when you need it, and a casual work environment.
LOCAL CANDIDATES ONLY. NO AGENCIES PLEASE.
Infrascale is committed to providing Equal Employment Opportunity to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, ancestry, sexual orientation, handicap or disability, Vietnam-era, special veteran, or any other legally protected status. This policy is established and administered in accordance with all applicable federal and state laws.
Founded in 2011, Infrascale provides comprehensive, cloud-based data protection by delivering industry-leading backup and disaster recovery solutions. Combining intelligent software with the power of the cloud, Infrascale removes the barriers and complexity of secure, offsite data storage and standby infrastructure for real-time disaster recovery. Trusted and recommended by leading independent industry experts, Infrascale equips its customers with the confidence to handle the unexpected by providing greater availability, better security and less downtime when it comes to their data. Visit www.infrascale.com or follow us on Twitter at @Infrascale for more information.