Security Risk and Compliance Management Specialist III - US

You will act as an advocate in development of overall information security program globally. Creates and performs global IT Risk and Compliance assessments. Assists in development and execution of information security, compliance, and risk best practices globally through audits, assessments, and policy-making.  This position will own Security Policy Management including Policy, Standards, Procedures, Key Control Testing and connecting with correct ownership across the organization. You will drive dispute management and working with internal advocates for policy management.You will also be responsible for instilling a quarterly training program leveraging ProofPoint along with our onboarding program.

Responsibilities

• Uses best practices and knowledge of internal or external business issues to improve products or services.
• Acts as a resource for colleagues with less experience.
• Collaborates across the organization to execute and mature the Risk Assessment process, including developing all necessary charters, processes, methodologies, and reports.
• Participates in cross-functional workgroups and planning meetings to promote ideal solutions that meet the objectives of both the business and the IT Risk, Compliance, and Information Security team.
• Where ideal solutions cannot be found, identifies and reports enterprise level risks and failures to management for escalation. Promotes sharing of expertise through consulting, presentation, and documentation.
• Assists in training other Information Security, IT Risk, and compliance staff. Communicates the value of IT Risk, Compliance, and Information Security within the organization.
• Continuously validates the organization against additional mandates, as developed, to ensure full compliance. Promotes sharing of expertise through consulting, presentation, and documentation.
• Coordinates cross-functionally to ensure a holistic approach to security and compliance across the organization.
• Evaluates, monitors, and ensures compliance with IT Risk and Information Security policies, standards, guidelines and relevant legal and regulatory requirements.
• Supports business partners where necessary in dealing with current and prospective clients. Develops appropriate data and analytics that deliver appropriate data to communicate risk at the executive level.
• Conducts IT Risk and Information Security due diligence activities relative to vendors and third parties.
• Conducts risk assessments and documents findings where the deviation from an information security or IT Risk policy or standard is desired.
• Creates risk remediation plans with business owners and follows through in the implementation of changes. Documents findings where deviations exist through internal or external testing.
• Develops internal control testing and documented processes. Updates internal control matrices where necessary to support annual changing environments.
• Adapts and creates processes as applicable, including changes in processes or reporting metrics.
• Executes as the conduit between internal control owners and external auditors, including kickoff meetings, interview requests, closing meetings, and evidence gathering.
• Executes internal customer audits which include scheduling, presentation of the Rackspace compliance portfolio, and overseeing the successful visit in conjunction with Account Managers.
• Responsible for adhering to company security policies and procedures as directed. Conducts annual audits for industry specific reports, including ISO 27001, ISO 9001, ISO 14001, ISO 18001, IRAP-AUS, Cyber Essentials+, NHS-DSO, SOC1, SOC2, SOC3, PCI, HIPAA, HiTrust, CyberGRX.

Knowledge

• Archer
• Proofpoint
• MS Office
• Sharepoint
• Wiki
• JIRA
• SNOW

Skills

• Analytical Skills
• Communication Skills
• Strong oral communicatior
• Structual Thinker
• Organizational Skills
• Relationship building Skills

Nice to Have

• Government Risk Compliance Expertise
• ProofPoint Expertise

Why Join?

• This team has strong leadership coupled with a great security team. We touch all points of the organuization which enables you to gain strong cross-training opportunites and openings into other business units. We have lots of room for innovation, and spearheading new programs and innitiatives.

For appFor applicants working in California, Colorado, Washington, or New York City, we are excited to share the base salary ranges for this position exclusive of fringe benefits or potential bonus.  The successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. The anticipated starting pay range of California, Washington state and New York City applicants for this role is $104,000 - $138,500. The anticipated starting pay range of Colorado applicants for this role is $95,000-$126,400. Unless already included in the posted pay range and based on eligibility, the role may include variable compensation in the form of bonus commissions, or other discretionary payments.  The discretionary payments are based on company and/or individual performance and may change at any time.  Actual compensation is influenced by a wide array of factors including but not limited to skill set, level of experience, licenses and certifications, and specific work location.#LI-STORMAbout Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.  More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.