Information Security & Compliance Specialist
Movable Ink powers meaningful experiences in email and on the web for the biggest brands in the world. Data is at the heart of these experiences, and the security of that data is vital to our business. We are collecting petabytes of data each quarter that must be securely managed throughout its lifecycle.
The Information Security & Compliance specialist will be a part of the team responsible for planning, implementing and maintaining the firm-wide privacy, security and compliance strategy to protect Movable Ink’s platform. You'll work closely with leaders from around the organization to support a strong security posture aimed at protecting especially our customers' data. This includes ensuring that information security controls are operating effectively and incrementally improved.
One year from now you will have:
- Developed a solid understanding of Movable Ink’s platform and became comfortable/confident answering security questionnaires
- Developed strong working relationships across Movable Ink’s departments
- Achieved proficiency with and successfully maintained Movable Ink’s compliance tracking system
- Maintained data governance internal documentation and training materials
- Contributed to timely vendor and partner risk assessments
- Helped the team achieve positive outcomes for SOC2, CCPA, GDPR and other frameworks
Responsibilities:
- Respond to information security and privacy client questionnaires
- Develop effective partnerships with departments across the organization to:
- Facilitate the collection of evidence for security audits
- Coordinate and manage recertifications
- Help ensure internal security controls are widely understood and consistently followed
- Track, monitor, and test compliance with internal security controls to ensure related processes effectively meet requirements
- Identify opportunities for process improvements and make incremental enhancements
- Administer Movable Ink’s GRC software solution
- Track privacy, security and compliance-related contractual clauses
- Keep control language up-to-date
- Help with cross-framework control mapping
- Facilitate the vendor and partner risk management process
- Maintain information security and compliance documentation and training materials
Qualifications:
- Undergraduate degree in information security, CS or IT-related field (or equivalent work experience)
- Genuine interest in privacy, security and compliance and staying current on the latest trends and advancements
- Ability to work collaboratively
- Excellent organizational skills and detail oriented
- Ability to manage competing deadlines and multi-task
- Exposure to privacy or security-related compliance frameworks preferred (e.g., SOC2, ISO 27001, and GDPR)
- Security related certification(s) a plus
- Experience gathering evidence from a range of different sources for audit purposes
- Experience using GRC tools or similar technologies for audit support a plus