Model N (NYSE: MODN) is looking for a high-energy and mission-driven individual who can develop and be a passionate leader of a Compliance Program primarily focused on information security and data privacy. In this role, you will have the opportunity to work cross-functionally with every department within Model N, as well as with customers. We are looking for someone who can communicate clearly and effectively at all levels of the enterprise and has exceptional process management, writing and documentation skills. As the Compliance Manager at Model N, you will operate largely independently, but as a part of a small and agile Legal team.
- Develop and maintain a compliance program, primarily focused on information security and data privacy, including strategies, policies, SOPs, Work Instructions and process documentation
- Assist Legal, Pre-Sales and customer security teams by taking ownership of audit and security-related topics such as security questionnaires, privacy and security contract riders, and vendor assessments
- Coordinate with cross-functional security specialists from products, cloud ops, services and IT to manage high-priority information security initiatives
- Manage and maintain SOC compliance activities and audits, including working with internal and external teams and auditors to ensure security audit readiness and addressing any questions or concerns about the reports or controls from inside or outside parties
- Project manage internal and third-party security testing and assessments, including disaster recovery and penetration testing
- Evaluate and analyze security incidents and determine response
- Assist Product and Engineering teams on identifying, prioritizing and tracking product vulnerabilities
- Understand the current regulatory environment and related implications for information security and data privacy compliance (Privacy Shield, GDPR)
- Knowledge of SOC 1, 2 and 3 principles as well as relevant IT standards and norms (e.g., ISO 27001)
- Familiarity with OWASP Top Ten, SANS 25 issues and correlating application security findings
- CISSP, CISA, ITIL, or other relevant certificates are a plus
- Knowledge of SAST / DAST testing tools
- Strong understanding of web applications, Cloud infrastructure security, risk assessment and disaster recovery
- Able to document and design processes and workflows
- 7+ years' relevant work experience
- Strong project management and communication skills
- Able to strike a sensible and practical balance between compliance risks and the need to do business
- Highly poised, well organized, and able to prioritize a heavy workload and own outcomes
- Self-starter; ability to problem-solve utilizing critical thinking and information analysis skills
- Proficiency in MS Project / Excel / Word and PowerPoint is required
About Model N:
Model N (NYSE: MODN) is the leader in revenue management solutions. Driving mission-critical business processes such as configure, price and quote (CPQ), contract and rebate management, business intelligence, and regulatory compliance, Model N solutions transform the revenue lifecycle from a series of disjointed operations into a strategic end-to-end process. With deep industry expertise, Model N supports the complex business needs of the world’s leading brands in pharmaceutical, medical device, high-tech manufacturing, and semiconductor across more than 100 countries, including Johnson & Johnson, AstraZeneca, Novartis, Microchip Technology and ON Semiconductor. For more information, visit www.modeln.com. Model N® is the registered trademark of Model N, Inc. Any other company names mentioned are the property of their respective owners and are mentioned for identification purposes only.
Model N is an Equal Opportunity Employer.