Brief Description:
Direct/Manage/Supervise the development, implementation, and enforcement of programs to ensure compliance with applicable laws, regulations, and industry standards. Identify compliance risks and engage appropriate stakeholders around risk awareness and mitigation. Provide support to ensure actions/outcomes are aligned across all levels of the organization. Collaborate with legal and other business teams, as well as external resources, to ensure all compliance-related matters are appropriately understood and enforced. Oversee the auditing and monitoring of compliance programs and represent the function on committees as assigned. Lead the development of all compliance strategy, policy, and training, driving a culture of compliance throughout the organization.
Responsibilities:
- Leads enterprise-wide, industry and customer-required compliance programs and certification initiatives to ensure corporate compliance.
- Reviews customer contracts and ensure adherence to contractual requirements Spearheads alignment of compliance and risk strategies and related activities across corporate acquisitions and third-party global entities.
- Accomplishes corporate compliance and risk strategies by driving technology efforts; determining accountabilities; remediating identified gaps; developing, communicating, and enforcing values, policies, and procedures; implementing best practices.
- Develops compliance organizational strategies by contributing insights, analysis, and Recommendations to strategic thinking and direction; establishes functional objectives in line with organizational objectives.
- Provides ongoing reporting to senior management on corporate risk and compliance activities, status; escalates/communicates risks to senior management.
- Attracts new clients by maintaining state-of-the-art compliance programs; bringing compliance recognition to the company; providing leadership in the industry.
- Drives the creation of compliance and risk strategy presentations to existing and prospective customers; presents strategy directly to customer.
- Enhances compliance and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
- Provides daily oversight and strategic execution of enterprise governance standards consistent with the organizations goals and objectives.
- Serves as project manager for all risk & compliance projects; manages junior compliance and risk team resources.
- Lead Compliance Management Service Audit activities for customers who have requested additional compliance services through Data Intensity.
- Manage the overall relationship including contracting, scheduling and oversite of third-party audit vendors.
- Conducts and organizes corporate risk assessment activities.
- Conducts and facilitates 3rd party and internal corporate audits.
- Serves as a member of the corporate Change Control Board, assessing the risk and impact of proposed technology solutions to Data Intensity’s compliance stance.
- Develops compliance financial strategies by estimating, forecasting, and anticipating requirements, trends, and variances; aligning monetary resources; developing action plans; measuring and analyzing results; initiating corrective actions; minimizing the impact of variances.
- Avoids legal challenges by understanding current and proposed legislation; enforcing regulations; recommending new procedures; complying with legal requirements.
- Maintains a central repository of documentation required for the satisfaction of compliance requirements including but not limited to Policies, Standards, Processes.
Skills:
- Experience in compliance and risk management including SOC1 Type 2, SOC2 Type 2, ISO27001:2013, HIPAA and PCI v3.2 compliance standards and processes.
- Strong communication & facilitation skills.
- Strong understanding of business processes as they pertain to cloud and SaaS operations.
- Demonstrated ability to match business needs with corporate risk requirements
- Solid understanding of audit processes and framework.
- Solid understanding on ITIL processes.
- Operational leader with track record of transforming compliance operations.
- Strong customer facing skills with a high degree of customer satisfaction focus.
- Excellent training and presentation skills.
- Ability to operate in a fast-paced and dynamic environment.
- Results oriented and accustomed to managing towards targets.
- Experience in a regulated environment highly desired.
Education / Experience:
- 8+ years of relevant experience
- Bachelor’s degree. Master’s degree preferred.
- Desired Certifications:
- ISO: ISO 27001 Lead Auditor or Implementor
- ISACA: CISA, CRISC, CISM, and/or CGEIT
- ISC2: CISSP, CCSP, and/or SSCP
- PCI QSA
- ITIL Foundation