Manager, Compliance and Risk Management

Cyber Security San Antonio, Texas


Description

We are looking for a Manager, Compliance and Risk Management to join our GES Compliance team in San Antonio, Texas!

 

Position Overview

 

We are seeking a Manager, Compliance and Risk Management responsible for developing world-class policies, standards and programs to enable Rackspace and customer compliance and regulatory needs. You will report on the Company’s compliance efforts and provide guidance on compliance matters. Additionally, you will communicate and institutionalize these programs globally throughout the Company, influencing how Rackspace operates. You bring your subject matter expertise and apply it to bleeding-edge technology, partner with the most talented people in the world, support over 300,000 customers a year and develop a team of business enablers upholding the highest standards of compliance in a fluid and dynamic environment.

 

Primary Responsibilities

 

  • Execute on an enterprise GRC strategy and roadmap. 
  • Align enterprise GRC initiatives with business strategy, gain executive approval and support, and oversee successful execution.
  • Develop and maintain practical and actionable information security policy and standards that reflect the needs of the business while keeping pace with changes in the business environment, technology and threats to effectively mitigate and manage risk to the business.
  • Develop and maintain a highly-qualified staff of information security professionals across the enterprise. Build and maintain executive relationships necessary for the successful execution of the information security program.
  • Maintain accountability for responsible information security program governance through formal reporting to the CISO. 
  • Orchestrate the Enterprise Security Working Group (ESWG), participation on the Enterprise Security Steering Committee (ESSC), and alignment with executive stakeholders.
  • Develop and implement an information security risk methodology that prioritizes risk and the investment and financial strategy required to mitigate those risks.
  • Guide Corporate Compliance initiatives to ensure the company meets its compliance obligations while positioning the company to expand its corporate compliance offerings.
  • Measure compliance with policy as part of assessing the overall security risk posture of the enterprise, and initiate programs to achieve and maintain an adequate security posture.
  • Develop and maintain external and internal relationships to influence security policy, standards and programs and enhance secure interoperability with extended entities.
  • Employ an ongoing information security communications, training and awareness program tailored to the evolving needs of the business and specific requirements of various user groups.

 


An ideal candidate will have:

  • Demonstrated breadth and depth of knowledge of various Compliance Regulations/Standards: Health, Safety, Sustainability, Security & Compliance, PCI, ISO27001/9001/18001, HITRUST, Safe Harbor and HIPAA.
  • Demonstrated excellence in leadership and navigating a large, matrixed organization.
  • Exhibit willingness to be flexible and adaptive and demonstrate a desire to operate in a dynamic and high-growth environment.
  • Strong written and oral communication and presentation skills.
  • Strong management and leadership skills.
  • Strong interpersonal skills, ability to work with all levels of management across all functional areas.
  • Anticipates customer needs and proactively develops solutions to meet them.
  • Performs detailed analyses.
  • Strong analytical skills for identifying and solving problems.
  • Must be self-motivated and goal oriented and able to work under ambiguity.

 

Minimum Qualifications

  • Bachelor's degree in computer science, information systems, engineering, business administration or a related field is required.
  • Must be proficient in executing GRC programs based on, but not limited to, PCI, SOC, ISO 27001/18001/9001, HITRUST.
  • Must have at least one of the following active certifications: CISA, CISM, CISSP or CFE.
  • Other related certifications such as ITIL, PMP, SANS/GSEC, CIPP, CRISC, CGEIT, CPA/CA are preferred, but not required.
  • Minimum of 6 years executive leadership in information security policy, standards, compliance, technology and programs.

About Rackspace
We accelerate the value of the cloud during every phase of digital transformation. By managing apps, data, security and multiple clouds, we are the best choice to help customers get to the cloud, innovate with new technologies and maximize their IT investments. We have been honored by Fortune, Forbes, Glassdoor and others as one of the best places to work. Join us on our mission to build the world’s best technology services company.

More on Rackspace
Rackers aren’t all alike. We look different. We think uniquely. We are from many places and our beliefs & backgrounds vary. But, being a Racker — a valued member of a winning team on an inspiring mission – is what connects us all. Rackers are encouraged to bring their whole self to work every day, as we know that unique perspectives fuel innovation and enable us to best serve our customers & communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.