Information Security Compliance Manager
As our new Security Compliance Manager, you will report directly to our VP Information Security and will lead security compliance and risk related activity globally.
To be successful in this role, you should be a hands-on self-starter who is just as comfortable working at the strategic level as at the operational level. You are proactive, energetic, and have the ability to work not only with people inside your organization, but also with external stakeholders and customers.
Main duties include:
- Lead the operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies/procedures and applicable laws and regulations.
- Create and maintain security policies and standards supporting regulatory requirements, frameworks and best practices
- Producing security metrics and supporting KPI & KRI (key risk indicators) reporting activity
- Facilitation of security and compliance audits
- Coordinate audit responses, ensuring adequate and realistic responses to findings
- Leading information security risk management and assessment activities
- Assist in responding to RFP and RFI and meeting with customers to discuss security topics as necessary
Experience and skills needed:
- 5+ years of experience in risk, audit or other control function-type areas
- Technical writing and good written English. Ability to write policies and standards in a clear manner that can be understood by non-technical people
- Adept at creating reports and presentations which simplify complex themes into understandable communications
- Strong analytical and problem-solving skills and the ability to "think out of the box"; adaptable to change and able to self-manage your workload in a fast-paced environment
- Methodical and self-organised with ability to go into and follow up on the details
- Ability to understand and interpret regulations and regulatory guidance and apply them in a practical manner in an operational environment
- Understanding of the regulatory requirements as applicable to cloud technologies
- Understanding of cloud control frameworks, their operation and limitations
- Strong understanding of information security controls & ISMS standards such as ISO 27001/2, COBIT, CRISC etc.
- In-depth knowledge of, and experience with, ISO 27001 ISMS management & administration
- In-depth knowledge of ISO 27001 Annex A controls
- In-depth knowledge of GDPR and national data protection laws
- Experience with SOC2 compliance standards
- Demonstrable knowledge of cyber threat mitigation, information security and risk management
- Appropriate technical knowledge and understanding of infrastructure services (Server, Network, Telephony, Cloud, etc.)
- Preferably, one or more (or working toward one or more) of the following: CIPP, CIPT, CIPM, CISSP, CRISC, CISA
NICE is an innovative, fast-paced Enterprise Software company with inspiring leaders who share an unwavering passion to push the boundaries of our software solutions whilst committing to delivering the highest levels of satisfaction for our customers.
With our embedded culture of collaboration, we create extraordinary experiences through teamwork and tenacity. We achieve this by fostering a cohesive atmosphere for our people to work in partnership cross-functionally and encourage initiative, spirit and adaptability in the face of change.
NICE works with some of the most exciting brands in the world. We welcome fresh ideas and pledge to champion our people to achieve amazing results that genuinely make a difference, and which are always rewarded.
With the support of our teams, you will gain insight into what it takes to be successful from day one and be inspired to make an impact. You will feel valued and, just like our 7,000 NICErs globally, will play an instrumental part in NICE achieving our ambitious goals.
Working in a friendly, inclusive environment based on respect and recognition, you’ll be encouraged to aim high and deliver your best work here. Mastering your professional craft, creating your own adventure and bringing your positive, can-do attitude to the table is a winning recipe for success with us.
NICE is committed to providing an environment based on equal opportunity for all qualified applicants and employees. It is the policy of NICE to afford equal employment opportunities to qualified individuals, regardless of age, race, color, creed, religion, citizenship, ancestry, national origin, sex, gender, pregnancy, mental or physical disability, marital status, veteran status, service in the Armed Forces, sexual or affectional orientation, atypical hereditary cellular or blood traits, genetic information, status as a victim of domestic or sexual violence, and/or any other status protected by any applicable federal, state and/or local statute or regulation.