Immuta was founded in 2015 based on a specific mission to build a platform that accelerates self-service access and control of sensitive data. Immuta's award-winning automated data governance software platform creates trust across security, legal, compliance, and business teams so they can work together to ensure timely access to critical business data with minimal risks. Our automated, scalable, no code approach makes it easy for users to access the data they need, when they need it, while protecting sensitive data and ensuring their customers' privacy.
Our Mission is clear. Enable the legal and ethical use of data. How we approach this mission is also clear!
We are mission focused. Born out of a government mission, we understand why data is about more than just analytics - it also represents our values. Our mission is to enable the legal and ethical use of data, ensuring that data is accessible to only those who need it, for the right reasons, and in the proper form.
We are humble intellects. We are experts in privacy, ethics, law, and engineering. But true expertise requires constant change - to always learn and to always adapt. And that means we excel as students and as teachers. We have something to learn from everyone, at any time, in any place.
We are independent achievers. We don't need guidance to get things done, yet we know when to ask for help. We accomplish our mission while upholding our values, whatever it takes.
We are helpful and caring. For us, life is about the values we uphold, not the credit we receive or the attention we garner. We operate with respect and consideration of our peers, acting with empathy, honesty, transparency, and integrity.
As Immuta's Director of Information Security and Compliance, you'll be charged with bringing Immuta's existing information security and compliance processes into a single framework, and refine those processes as the company grows - identifying and filling gaps and producing a cohesive program that meets stakeholder needs. You'll leverage that program to drive SOC-2 certification and maintain and achieve other relevant certifications over time.
In this role, you must have a well-rounded background in technology, audit, and assurance, with prior experience reviewing or implementing controls in modern DevOps-friendly environments. This will be a hands-on role requiring a thorough understanding of security certification standards, process, and audits, the technical knowledge to work directly with Immuta's engineering teams. You'll also need the communications skills necessary to convey real-world risk mitigation techniques to auditors and customers (who may, in rare occasions, have outdated compliance boxes to check).
In this position you will have the full support of Immuta leadership and technical teams to implement a compliance process that satisfies the requirements of recognized standards, that is modern in its approach, and is adaptable to changing market needs.
This position will require extensive communication with personnel throughout the company, but especially those located in our Boston, MA, College Park, MD, and Columbus, OH offices. While all work will be remote for the duration of Immuta's COVID mitigation efforts, post-COVID, the position will be on-site at one of these offices - preferably Columbus, OH.
- You will lead all development, implementation, maintenance, and validation of security, privacy, and compliance policies and processes related to Immuta's software, software development, cloud platform, and IT systems.
- Maintain a deep understanding of our software, its development and test processes, hosted systems, and how our compliance obligations apply. Provide responses to and maintain reference material for customer inquiries and due diligence procedures that involve technology compliance, as well as participate in discussions for security and compliance assessments.
- Lead the effort to attain SOC-2 certification.
- Work with external auditors and coordinate audits internally.
- Support third party oversight processes, including security and compliance assessments of Immuta's vendors and service providers.
- Design and monitor controls and address violations and gaps.Manage proactive customer communication regarding security issues.
- Coordinate compliance work streams across all functional areas of Immuta.
- Develop corrective action plans for compliance deficiencies identified by internal audits, external audits, and other means.
- Continuously confirm and refine Immuta's internal control framework and related documentation (e.g., policies, procedures, narratives, training material).
- Contribute to ongoing controls development and improvement.
- Implement security and other training programs relevant to compliance.
- Over the long term, develop and maintain a risk register for Immuta and achieve other security and compliance certifications.
- Experience mapping and rationalizing controls to meet requirements across multiple information security/technology compliance standards.
- Previous experience implementing and building a compliance practice including attainment of SOC-2 certification.
- Five to seven years of security or compliance analysis, or audit/assurance/advisory experience, preferably including building controls in the cloud / SaaS space.
- Strong verbal and written communication skills.
- Ability to work cross-functionally with other areas of business with experience building engaged professional partnerships.
- Able to work independently, manage multiple priorities / projects and pivot between responsibilities in a fast-paced, high-growth environment.
- Exceptional critical thinking abilities, strong business acumen, and excellent judgment.
- Exemplary personal and professional integrity and business ethics.
- Thorough attention to detail, highly organized and adaptable to shifting business priorities, have an enthusiasm for compliance and be able to instill that enthusiasm in others.
To apply, visit: https://jobs.lever.co/immuta/159dbe58-f8d1-4bc4-8094-3a8765a693ed
Immuta provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, national origin, marital status, age, disability (including disability due to pregnancy) or genetics, protected veteran status, or any other characteristic protected by law. Immuta complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment.
Copyright 2017 Jobelephant.com Inc. All rights reserved.
Posted by the FREE value-added recruitment advertising agency