What you'll be doing ...
The Senior Manager, Compliance is responsible for managing the company's IT
compliance and privacy programs and evaluating/pursuing industry/security
certifications that meet our customer's requirements.
Some of the things you ll be doing include
- Leadership and management of a team including resource management, hiring, mentorship, and performance management
- Responsible for managing the company's SOX and SOC 2 compliance programs.
- Responsible for managing the company's privacy program.
- Maintains Policies and Procedures regarding Data Privacy and Protection. Formulate enterprise-wide privacy and security procedures and guidance, consistent with applicable U. S. and international laws and regulations.
- Maintains current knowledge of applicable federal, state and international privacy and security laws, standards, and regulations and, in cooperation with the Legal team, monitors advancements in privacy and security technologies to ensure organizational adaptation and compliance.
- Provides guidance:
- Tableau looks at new programs such as GDPR, NIST and FedRAMP
- Determining whether a data breach or data loss has occurred under applicable laws, regulations and contractual requirements.
- Drafting and negotiating privacy-related terms and conditions with customers, vendors and subcontractors.
- Support to the Risk Assessment team, Contracts and/or Procurement regarding privacy compliance with vendors and subcontractors.
- Oversight for the delivery of privacy and security training in both the US and applicable international markets to employees and appropriate third parties.
- Develop security controls and processes that align with company policies and regulatory requirements.
- Develop and document processes that support privacy and compliance objectives.
- Evaluate controls and testing processes to identify opportunities to mitigate risk, strengthen controls, and reduce overhead.
- Primary liaison to IT for internal and external audit activities. Facilitate collection of evidence and scheduling of resources required for control walkthroughs.
- Perform testing of IT controls and audit systems, services, and processes to verify adherence to company security policies and procedures.
- Drive remediation efforts for deficiencies or develop and implement compensating controls.
- Prepare documentation related to remediation actions and testing outcomes.
- Track and report on compliance activities.
Who you are
- Experienced. 7+ years' leading and executing compliance programs. Experience managing privacy and compliance programs from inception to operation, including privacy and security risk and compliance management, metrics tracking, privacy and cybersecurity training development and deployment, incident management and risk assessments. IT audit experience, preferably in a large organization or big four firm to include current reviews (SOX, SOC 2) and future (ISO 27001).
- Educated. Bachelor s degree in Computer Science, Business, Accounting or related field or equivalent work experience. Relevant professional certifications such as CISA or CISSP desired.
- Knowledgeable. Deep working knowledge of state, federal and international privacy and information security laws, normal contractual requirements and industry regulations. Deeply familiar with developing security controls and auditing systems and processes for compliance with policies and regulatory frameworks. Demonstrated knowledge of IT General Computer Controls, including Information Security, Information System Operations, Vendor Management, Business Continuity, Networks, Database, System Software, Hardware, and Application Development controls.
- Technically Savvy. Advanced understanding of compliance frameworks (SOX, SOC, ISO 27001, PCI-DSS) and information security principles and practices. Particular knowledge in SaaS, Cloud Computing, BYOD, Social Media, etc. with a particular focus on how these technologies are used to communicate, collect, use and/or share information.
- Strong Communicator. Excellent written and verbal communication skills and ability to effectively interact with internal and external customers, managers, and staff.
- Detail oriented. Superior written and verbal communication and attention to detail
- You are a Recruiter! Tableau hires company builders and, in this role, you will be asked to be on the constant lookout for the best talent to bring onboard to help us continue to build one of the best companies in the world!
Associated topics: attorney corporate, compliance, compliance department, corporate, counsel, courtroom, internal, lawyer, legal affairs, legal department