Build the future of data. Join the Snowflake team.
AS THE Senior Security Compliance Specialist (SOX - ITGC), YOU WILL
- Support Snowflake business teams to achieve and maintain their security and compliance posture in accordance with regulatory requirements including for example Service Organization Control (SOC), FedRAMP, PCI-DSS, Sarbanes Oxley (SOX) etc. Validate on-going compliance of policies and process / procedures in support of requirements and ensure that controls are operating effectively.
- Responsible for quality and on-time execution of periodic audit activities such as user access reviews, cloud security group review, etc.
- Collaborate closely with internal stakeholders to ensure compliance across various systems as well as interact with auditors to provide audit assurance
- Assist with development of technical security risk and compliance documentation to create repeatable audit artifacts.
- Support and monitor remediation efforts of audit findings and validate the closure by reviewing relevant evidence.
- Assist with other GRC activities as required.
- Review, develop, execute, and maintain security policies and procedures for compliance
- Document and Communicate status and compliance effectiveness to management on a regular basis.
OUR IDEAL Sr Security Compliance Specialist WILL HAVE:
- 8+ years of Compliance, Security or Audit experience in a cloud environment
- Must have proven experience supporting and driving assessments or audits for cloud platforms (AWS, Azure, and GCP) and major front and middle-office SaaS platforms
- Prior experience with managing other security compliance audits of cloud environments against security frameworks like SOC1 & 2,SOX, ISO 27001, PCI DSS, FedRAMP, NIST 800-53 etc. is a plus.
- Ability to organize, conduct and drive meetings and outcomes with little to no manager involvement. Must be aware of and deliver quality stakeholder engagement experience.
- Ability to work efficiently and independently in a fast-paced, innovative environment.
- Excellent written and verbal communication skills.
- Effective analytical and problem solving skills.
- Proactive and detail oriented team player.
- Experience working with Internal and External Audit teams
- Ability to learn, understand, and work with new emerging technologies, methodologies, and solutions in the Cloud/IT technology space.
BONUS POINTS FOR EXPERIENCE WITH THE FOLLOWING
- Certification preferred in one or more of the following: CISA, CISSP, CISM, Cloud platforms such as AWS, Azure or GCP
- Proficiency in use of JIRA, Confluence