Audit & Compliance Manager
The Job
Data loss can be devastating. Whether it’s caused by human error, bad code, rogue integrations, or malicious intent, all companies are at risk. That’s why so many companies choose OwnBackup, the #1 cloud data protection platform on the Salesforce AppExchange and global leader in SaaS data protection. With nearly 4,000 customers, we are ranked on the Forbes Cloud 100 as one of the world's top private cloud companies and have raised nearly $500 million in funding from AIkeon Capital, B Capital Group, BlackRock Private Equity Partners, Insight Partners and others.
Co-founded by seasoned data-recovery, data-protection, and information-security experts, OwnBackup is a backup and restore independent software vendor (ISV) on the Salesforce AppExchange. Headquartered in Englewood Cliffs, New Jersey, with research and development (R&D), support, and other functions in Israel, EMEA and APAC, OwnBackup is the partner of choice for some of the world’s largest users of SaaS applications.
Your Day-to-Day Role
- Lead the interactions with information security audit and assessments, manage relevant regulatory requirements, assist in the development of management responses, track, and monitor remediation progress till closure.
- Provide support to customer audits and other security and compliance assessments, questions, and interactions with prospective customers.
- Provide oversight of identifying, classifying, remediating, and mitigating risks and vulnerabilities and the policy exception request process.
- Support the day-to-day operations by identifying potential areas of cybersecurity compliance risks by performing risk assessments, and ensuring appropriate escalation and coordination of effective corrective actions.
- Conduct an analysis of internal policies, guidelines, procedures, and processes to evaluate the accuracy and adequacy of internal controls, operations, and reporting in the area of information security programs and processes impacting regulatory compliance requirements as needed.
- Collaborate with various technical and non-technical teams to evaluate the effectiveness of security controls, identify and categorize risks, provide improvement recommendations, and communicate outcomes of those activities.
- Gather requested artifacts (related to the evaluation of security controls described above, as well as other evidence of adherence to privacy and security controls)
- Communicate emerging issues, potential risks, and audit results to key stakeholders, assist in the review, and formulate responses to issues and findings from all sources.
- Work closely with business, technology, and compliance counterparts to understand business objectives, initiatives, and ensure alignment with security policies and best practices.
- Contribute in the development of security policies and standards.
- Participate in risk assessment and strategic planning and continuous improvement of the risk and compliance program.
- Assist in the development of metrics and reports that provide management visibility into the current cyber risk and compliance posture and trends.
Your Work Experience
- Bachelor's Degree in Computer Science, Information Technology or other relevant fields
- 5+ years of Cyber Risk working experience. Prior information security consulting experience preferred.
- Well versed with Technologies and continuous compliance requirements for SOC, ISO, NIST, CIS, CCPA, GDPR, GxP/GmP and others.
- Experience in FedRAMP, French HDS, Australian IRAP, and other international regulatory compliance for privacy and cybersecurity is a plus.
- Must have strong experience with enterprise compliance enforcement, defining and driving related programs and performing risk assessments.
- Expertise working with risks and internal controls
- CISA or other certifications preferred (CPA, CISSP, CIA, CISM, etc.)
- Experience using GRC and/or document management tools, particularly ZenGRC is a plus
- Ability to build and develop strong relationships
- Strong leadership skills with the ability to foster an environment of collaboration and excellence
- Effective verbal and written communication, and presentation skills including comfort with executive audiences
- Strong attention to detail with the ability to think from a “big picture” perspective
- Creativity, confidence, and flexibility
- Team player with a great sense of humor!
Important Details
This is a full-time position. The ideal candidate will work out of our New Jersey office to maximize collaboration and interaction with the business.
OwnBackup is dedicated to creating an environment where employees thrive. It’s why we provide every employee with unlimited PTO, generous medical benefits, and a 401(k) savings plan. We also offer catered lunches in the office five days a week, a full fitness center, and free shuttle bus service to and from New York City.
New employees also have the opportunity to attend our award-winning new hire bootcamp, which customizes the onboarding experience by role, provides new employees with invaluable hands-on training within their first few weeks at the company, and gives employees the chance to meet their new colleagues in-person.
Creating an environment where employees thrive also means making sure every employee feels accepted. As we scale to help all types of companies protect precious data, our team must reflect the diversity we serve. OwnBackup is an Equal Opportunity Employer and we believe that every employee in the company brings a unique perspective that they can and should contribute in order to make an impact every day. We strive to be one team, one culture, and one family that builds trust through transparency. We do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, age, national origin, protected veteran status or disability status.
A Bit About Us
Have a look at our website and read through the AppExchange reviews to get to know OwnBackup a little better. Founded in 2015, OwnBackup is backed by top-tier venture capital firms and has experienced 100% year-over-year growth, establishing early market dominance in a Salesforce ecosystem that includes over 150,000 customers. And while we’ve experienced tremendous growth providing backup and recovery solutions for Salesforce customers, we are now offering our world-class data protection solution across other clouds, like Microsoft Dynamics 365. At OwnBackup, our vision is to empower customers to own and protect their data on any cloud platform.