Compliance Program Manager

Responsibilities:

• Improvement of existing and development of new compliance programs (SOC2 Type 2, PCI DSS, GDPR, etc.)
• Leveraging existing Vanta infrastructure for security compliance implementation and reporting by:
  • Creating policies and procedures that address outstanding controls
  • Developing and tracking compliance metrics to ensure we remain on-track
  • Responsible for reporting progress and following up on action items with stakeholders or individuals across the company
• You will collaborate with stakeholders to align compliance controls with standard operating procedures, monitoring, and reporting
• Provide detailed metrics, evidence of controls, or recommended updates as needed to satisfy vendor audits, customer audits, and certifications
• Help meet our audit and contractual requirements by working with cross-functional teams and identifying long-term control owners within the organization
• Responsible for writing requirements to ensure the data at AssemblyAI meets all laws and regulations of compliance programs we pursue
• Continually working to enhance the security of data at AssemblyAI, regardless of form.

Requirements:

• Bachelor’s degree in related field or equivalent experience
• 5+ years proven knowledge of program management lifecycle, and skilled at project management tools
• 3+ years of Security Compliance program monitoring and reporting
• 2+ years of participating in SOC2 Type 2 compliance control enforcement and audit processes
• In-depth knowledge of GDPR security compliance standards
• Experience with metrics-based projects and utilizing metrics to gauge risk and success
• Experience supporting company-wide security compliance programs designed to anticipate, assess, and minimize control gaps and audit findings
• High level of comfort in communicating effectively across internal and external organizations
• Experience working with Vanta

Preferred:

• PMP Certification
• Familiarity with PCI DSS compliance requirements
• Familiarity with HIPAA compliance requirements

Skills:

• You have an ownership mindset
• You write detailed documentation around policies and processes
• Good communication skills with proven success in collaboration and teamwork
• Demonstrated understanding of and experience with security-related technologies, systems, and tools
• Comfort influencing change and driving the completion of the programs you are responsible for
• Ability to lead a project independently, raise issues, and take corrective action as needed