Responsibilities
- Lead and engage in internal and external audits covering compliance frameworks such as ISO 27001/27701, PCI-DSS, NIST 800-171, NIST 800-53 (FedRAMP), and IRAP
- Utilize or explore artificial intelligence and automation technologies to improve, simplify, or scale governance, risk, and compliance operations
- Oversee governance, risk, and compliance programs across multiple teams
- Work with process owners, control owners, auditors, and external consultants to monitor and resolve audit findings
- Carry out risk evaluations, security audits, and assessments of third-party and vendor risks
- Examine contractual agreements to confirm adherence to security and compliance standards
- Detect deficiencies in current processes and propose enhancements to strengthen organizational security
- Clearly convey compliance obligations and risk factors to both technical and non-technical audiences
- Conduct periodic reviews of user access rights
- Create and manage plans to address and resolve identified risks and compliance issues
- Keep the organization’s risk register current and accurate
- Supervise security assurance activities related to vendors
- Partner with internal teams to design and deploy internal controls consistent with regulatory requirements
- Support cross-functional discussions on risk and security topics
- Foster collaborative relationships across departments and functions
- Assume additional duties as assigned
Benefits
- Energetic and evolving workplace culture
- Comprehensive benefits supporting personal and professional well-being
Other
- May require occasional international travel
- Position necessitates alignment with U.S. Pacific Time working hours; candidates must be available between 2:00 PM and 11:00 PM Indian Standard Time
