SOC Lead, Third-Party Assurance Management and Operations
About the job
SummaryBy Outscal
- Bachelor's degree or equivalent experience
- 7+ years of experience in compliance, risk management, investigation, auditing, legal or consulting
- Experience in implementing ISO 27000 series and SOC programs
- Experience with testing ITGC, SOX, and security and privacy controls
- Knowledge of risk assessment methodologies and audit frameworks
- Excellent attention to detail, investigative, and problem-solving skills
Minimum qualifications:
- Bachelor's degree or equivalent practical experience.
- 7 years of experience in compliance, risk management, investigation, auditing, legal or consulting.
Preferred qualifications:
- Experience in implementing ISO 27000 series and SOC programs, including the development of risk assessments.
- Experience with testing Information technology general controls (ITGC) Sarbanes Oxley Law (SOX), and security and privacy controls.
- Knowledge of risk assessment methodologies and audit frameworks.
- Excellent attention to detail, investigative, and problem-solving skills.
About the job
Risk, Compliance and Integrity organization (RCI) brings together critical compliance, assurance, risk and governance functions across Google to help the company meet compliance needs and enable our businesses to innovate. Our goal is to make compliance an advantage for Google by driving scaled, data-driven, and policy-based compliance programs. We manage our operations through risk-based prioritization and governance and consistent and constructive regulator engagement.
In this role, you will make sure that when Google pursues a product or technology, we do it in compliance with the relevant System and Organization Controls (SOC) frameworks. In this role, you will lead our efforts in achieving and maintaining compliance with the SOC 1/2/3 framework, managing the entire SOC compliance program, from planning and readiness to ongoing maintenance and improvement as the business and customers needs evolve. You will develop and implement a framework that ensures consistent, efficient, and effective compliance practices. You will also plan for audit requirements, manage schedules, ensure timely completion of audits, and communicate with project stakeholders. You will collaborate with product teams and our compliance ecosystem, ensuring we are audit-ready and meet the objective to leverage assurance as a business enabler and provide an advantage.
Responsibilities
- Develop and implement a comprehensive SOC 1, SOC 2, and SOC 3 compliance program, including guidelines and a robust risk assessment framework to identify, assess, and mitigate potential risks. Create a road-map for achieving and maintaining compliance with evolving SOC standards.
- Streamline and standardize SOC compliance processes across the organization, leveraging technology and automation.
- Provide training and awareness programs to educate Googlers on SOC compliance requirements and their roles in maintaining compliance. Assess and advise stakeholders on compliance risks, controls, and issues identified during audits.
- Participate in the planning, readiness and audit execution phases, including scoping, risk assessment, preparation of documentation, the control re-validation and support of audit programs performed by external auditors.
- Manage, coordinate, and facilitate processes to address auditor’s inquiries, activities and requests effectively and timely.
About The Company
A problem isn't truly solved until it's solved for all. Googlers build products that help create opportunities for everyone, whether down the street or across the globe. Bring your insight, imagination and a healthy disregard for the impossible. Bring everything that makes you unique. Together, we can build for everyone.
