We are seeking a Director of Compliance. The candidate will be responsible for advocating, monitoring, and enforcing compliance through controls, policies, standards, and procedures. In this role, you will be working with senior leaders within the Operations, Engineering, Sales, Customer Success, and Finance teams to achieve and maintain government and industry certifications required by our customers.
This role will be responsible for driving our compliance efforts, updating existing controls, managing third-party auditors, and maintaining certifications. This role will work to implement permanent policies and auditable processes to ensure continued compliance. This role also interfaces with customers, prospects, and partners by attending meetings with our Sales and Customer Success teams.
Along with the above responsibilities, this role specifically focuses on the Statement of Standards for Attestation Engagements (SSAE) 16 standard produced by the American Institute of Certified Public Accountants (AICPA). Further, this role manages the AICPA-accredited Service Organization Control (SOC) auditors for the annual SOC1 and SOC2 reports.
This position begins as an individual contributor and reports to the Director of Operations. This position is expected to grow into a management role and this candidate will be responsible for hiring and managing employees.
- 7+ years of experience in a combination of IT Security and IT Services
- CISM and/or CISSP strongly preferred
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences
- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs in a dynamic business environment
- Must be a critical thinker, with strong problem-solving and analytical skills
- Strong knowledge and understanding of relevant legal and regulatory requirements, including:
  - Service and Organization Controls (SOC)
  - General Data Protection Regulation (GDPR)
  - Health Insurance Portability and Accountability Act (HIPAA)
  - Federal Risk and Authorization Management Program (FedRAMP)
- Ability to work well in a demanding, dynamic environment and meet overall objectives
- 4-year college degree is required