Cybersecurity Compliance Program Manager

2 Days ago • 10 Years +

About the job

Summary_{By Outscal}

The IT Compliance Manager will oversee Enterprise IT controls, processes, and transactions to ensure all relevant regulatory, legal, and internal compliance guidelines are followed

What You'll Work On

Develop the IT General Controls Framework, implement and manage an effective IT controls audit and compliance program for the enterprise across all domains of IT, and manage cybersecurity risk to the business.
Ability to self-audit with limited assistance from system or service owners across all IT domains i.e., Network, Cloud, IAM, Data, Application, IoT, IT and Security Operations/ Engineering.
Partner with peer teams and business where necessary. Expected to be self-reliant on security audits, reviews, evidence retrieval. Engage with 3rd party auditors on testing/walk-throughs and address any security gaps.
Create and manage effective action plans in response to audit discoveries and compliance violations.
Partner with system owners on IT services audit outcomes, risk management and compliance reporting.
Advise management on the company’s compliance with laws and regulations through detailed reports.
Develop, and up-keep company IT security policies and procedures. Regularly audit company procedures, practices, and documents to identify possible weaknesses or risks.
Ensure stakeholders are educated on the latest regulations and processes. Resolve business concerns about regulatory and legal compliance.
Maintain positive rapport with IT teams, business, and auditors through effective communications.
Develop, self-audit, manage, and oversee IT Controls across all domains of IT i.e., Network security, Cloud Security, Infrastructure security, End-point security, IAM, Data security, Endpoint security, Application security, IT/ Security operations, ensuring internal and regulatory compliance, working with peer teams to address any gaps and report on compliance.
Adhere to the Company’s Quality Management System (QMS) as well as domestic and global quality system regulations, standards, and procedures.
Understand relevant security, privacy and compliance principles and adhere to the regulations, standards, and procedures that are applicable to the Company.
Ensure other members of the department follow the QMS, regulations, standards, and procedures.
Perform other work-related duties as assigned.

What You'll Bring

Bachelor's degree in computer science or related field with 10+ years of experience, or equivalent combination of education and experience
10+ years’ hands-on experience preferred in developing, implementing, and managing enterprise IT audit, governance, and compliance framework.
Ability to develop ITGC framework, implement and manage audit, governance, and compliance across all IT domains i.e., Network, Cloud, IAM, Endpoint, Data, Applications and Operations
Self-reliant & motivated, with expert level understanding of IT technology stack across Network, IAM, Endpoint, Data, Applications.
Fully self-reliant, hands-on capability across IT technology stack across Network, Cloud, IAM, Endpoint, Data & Applications. This role will be responsible for accessing and auditing, IT controls, configuration hardening, IAM configurations etc. across routers, switches, WLC’s etc. Example: Given an application domain, you will be responsible for auditing applications security stack, runtime protection, API security etc.
Expert level knowledge of audit, governance, and compliance frameworks
Expert level knowledge of cybersecurity risk management frameworks
Strong knowledge of technology landscape, regulatory/legal requirements, and procedures
Highly analytical with strong attention to detail.
Strong oral, written, and interpersonal communication skills
Proficiency with MS Word, Excel, and PowerPoint
Excellent organizational skills with ability to prioritize assignments while handling various projects simultaneously.

What We Offer

•A collaborative teamwork environment where learning is constant, and performance is rewarded.

•The opportunity to be part of the team that is revolutionizing the treatment of some of the world's most devastating diseases.

•A generous benefits package for eligible employees that includes medical, dental, vision, life, AD&D, short and long-term disability insurance, 401(k) with employer match, an employee stock purchase plan, paid parental leave, eleven paid company holidays per year, a minimum of fifteen days of accrued vacation per year, which increases with tenure, and paid sick time in compliance with applicable law(s).

Penumbra, Inc., headquartered in Alameda, California, is a global healthcare company focused on innovative therapies. Penumbra designs, develops, manufactures, and markets novel products and has a broad portfolio that addresses challenging medical conditions in markets with significant unmet need. Penumbra sells its products to hospitals and healthcare providers primarily through its direct sales organization in the United States, most of Europe, Canada, and Australia, and through distributors in select international markets. The Penumbra logo is a trademark of Penumbra, Inc.

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, age, disability, military or veteran status, or any other characteristic protected by federal, state, or local laws.

If you reside in the State of California, please also refer to Penumbra's Privacy Notice for California Residents.

For additional information on Penumbra’s commitment to being an equal opportunity employer, please Penumbra's AAP Policy Statement.