Compliance Manager
Job Description
This position helps ensure that the company remains in compliance with SailPoint's Compliance Program. This position reports to the Compliance Program Manager and works with various organizations at the company to help implement and maintain standards, policies, plans, processes, procedures, and other activities as required to meet corporate regulatory requirements. This position will manage compliance projects, track compliance activities, develop reports, track metrics, conduct testing of internal controls, and perform internal self-assessments and audits. This position will occasionally interface with Third Party Assessment Organizations and certification Project Management Offices in support of external assessments and audits. This is a Direct Hire Opportunity to work 100% Remote.
Responsibilities:
This position will require a working knowledge of the processes and procedures required to develop, test, promote, manage, support and secure SailPoint cloud-based services.
This role will be responsible for activities including, but not limited to, the following:
- Maintain the achievement of full compliance with the organization's compliance goals and objectives
- Integrate new compliance requests into the Compliance Program
- Manage and train direct personnel in support of compliance activities
- Lead third party assessment efforts to completion (e.g. SOC 2 and ISO 27001 audits)
- Manage and conduct on-going assessment of company controls, policies, processes and procedures within scope of the certifications and/or audits; responsible for summarizing and reporting results of these self-assessments to SailPoint Management
- Discuss with the Manager any changes to the scope of audits performed, significant findings noted as the audit progresses, and the conclusions/recommendations of the finalized audit
- Track remediation activities and provide compliance support
- Collaborate with a variety of SailPoint teams to ensure compliance concerns are addressed, compliance activities are completed, and documents are reviewed
- Assist or lead in the development, maintenance, and revision of policies, standards, procedures, work instructions, and guidelines of the compliance program and related activities
- Work with SailPoint management to ensure plans are in place to deal with compliance problems when they occur and before certifications are jeopardized
- Aid in the identification, implementation, and maintenance of appropriate security and compliance measures
- Provide recommendations for improving the organization's compliance
- Maintain positive and open communication with SailPoint management and teams
- Ensure projects and time-sensitive activities are completed within the time planned
- Help with Federal and regulatory compliance efforts
- Stay abreast of legal, regulatory and compliance changes that could impact our policies
- Other job duties as required of the Compliance team
Requirements:
- Minimum of 5-6 years of experience in the past 7 years as a Compliance Manager and/or IT auditor
- Understanding of Information Security Controls is a must
- Experience with leading and completing successful SOC 2 and ISO 27001 audits with external firms
- Ability to build strong relationships across cross-functional teams
- Strong attention to detail
- Strong project management skills
- Technical system knowledge - especially with AWS and Azure
- General knowledge of IT systems, DevOps, IT security
- General knowledge of SDLC
- Well-versed in legal, regulatory and compliance guidelines and best practices
- Ability to manage and mentor direct personnel
- Experience with multiple Information Security control frameworks is a plus
- Experience with NIST 800-53 controls is a plus
Any of the following certifications are a plus:
- CISA, CIA, QSA, CISSP, PMP
SailPoint is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.