Security Compliance Manager - Oakville, Canada - GTY Technology

GTY Technology

Verified Company

Oakville, Canada

2 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

The Opportunity

The Challenge

What You'll Do:_
Prepare for StateRAMP, SOC2, PCI and privacy certifications and manage program activities related to obtaining certifications.
Management and ensure accurancy of compliance tooling.
Identify compliance issues that require remediation.
Evaluate testing procedures and collet evidence for continuous monitoring.
Lead the completion of Customer Security Questionnaires, ensuring timely completion to support Sales activities.
Work with the security team to review security controls and their applicability of proposed risk mitigations.
Ensure Business Continuity and Disaster Recovery plans are up to date and aligned with business objectives.
Draft, modify and implement company policies.
Assess the business's future ventures to identify possible compliance risks.
Prepare reports for senior management and external regulatory bodies as appropriate.
Perform periodic audits on company security & compliance procedures and processes.
Consult with senior leadership and legal regarding compliance & privacy issues.
Liase with external auditors and file compliance reports with regulatory agencies
Evaluate the efficiency and applicability of controls and work with stakeholders to plan and track improvements.
Coordinate analysis and reporting of information security program metrics.
Assess product, compliance, or operational risks and recommend risk management strategies.
Maintain an active risk register.
Keep up to date of regulatory developments, how they may impact the company as well as evolving best practices in compliance controls.

The Right Fit

Who You Are:_

Skills& Experience:

510 Years of relevant experience across multiple security domains including policy, risk and compliance.
Information security strong understanding of governance and compliance standards including SOC2,
Expert knowledge of StateRamp/FedRAMP, NIST, PCI, CCPA, GDPR.
Experience orchestrating multiple compliance certification programs.
Knowledge of IT systems, security controls & Cloud environments. Ability to conduct end to end risk assessments.
Ability to conduct indepth analysis of issues pertaining to information security, data protection and internal controls and evaluate multiple factors to solve complex problems.
Ability to develop, interpret, explain, and implement company policies and procedures.
Excellent project management and organizational skills orchestrating multiple quarterly and annual audits.
Selfmotivated with the ability to work independently and manage time effectively with limited direction.
CISA, CRISC or CISM is highly desirable. CISSP, GIAC, Privacy certifications considered assets.
Methodical and diligent with outstanding planning abilities and a high attention to detail.
Outstanding communication and interpersonal abilities.
Experience in a SaaS or cloudfirst organization an asset

Core Competencies:

Risk Management and Assessment
Results-Driven
Communication
Analytic Thinking
Project Management
Flexibility
Influence
Leadership
Problem Solving

Key Performance Indicators

Acquire and maintain security compliance certifications according to business needs.
Timely completion of Customer Security Questionnaire & RFP responses
Completion of assigned projects, assessments and audits
Risk tracking & treatment

Location & Travel
This role will be remote with the possible occasional travel to our beautiful new office in Oakville, Ontario.

What It's Like to Work at GTY

At GTY, we carefully foster a work environment where employees have a safe space for creative and intellectual freedom, and the opportunity to work cross-functionally.

As part of the GTY Technology family of companies, we offer a dynamic environment with considerable opportunity for professional growth and advancement.

Here are some of the perks that GTY employees enjoy:

Competitive wages
We pay competitive wages and salaries, and we only expect an honest 40 hour week for it.
-
Wellness days

What's better than a long weekend? An extra long weekend This summer, let's begin and end the summer with an extra day ontop of the long weekend (July and Sept) An extra day to decompress and spend time doing the things you love.

Community Engagement Committee
At GTY, we know how important it is to give back. Our community engagement committee looks for ways to give back to our local communities through time, gifts and skills.

Flexible time and remote work
We understand that what a workday looks like differs by employee and the role requirements.

Through our interview process we'll work with you to ensure it's a fit for you and the specific role you're interested in.

Benefits
Ask us for a copy of our health and dental benefits

Culture committee
Celebrate at every occasion with the culture team They make sure that our team's culture is bustling, with freq