Director, Information Security & Compliance
Movable Ink is a software company that helps businesses earn attention in a world where time is precious and creativity is power. Founded in 2010, Movable Ink activates any data into real-time, personalized content in any customer touchpoint. Over 700 of the world’s most innovative brands rely on Movable Ink to accelerate their marketing performance. With more than 300 employees, the company is headquartered in New York City with operations throughout North America, Central America, Europe, Australia, and Japan.
The Director, Information Security & Compliance will be a part of the team responsible for planning, implementing and maintaining the firm-wide privacy, security, and compliance strategy to protect Movable Ink’s platform. You'll work closely with leaders from around the organization to support a strong privacy and security posture aimed at protecting especially our customers' data.
This includes ensuring that information security controls are well-designed, operating effectively, and incrementally improved over time. Additionally, the Director, Information Security & Compliance will lead privacy, security and compliance-related projects to enhance the Movable Ink platform.
Responsibilities:
- Contribute to the privacy, security and compliance strategy and planning process.
- Lead the SOC 2 compliance program
- Conduct an annual control self-assessment
- Help evaluate the design effectiveness of controls based upon industry best practices
- Perform activities to measure and monitor successful implementation of controls
- Manage and deliver information security and compliance projects with positive outcomes
- Compile weekly, monthly, quarterly and annual reporting and metrics covering the current control set
Qualifications:
- Minimum 5 years of experience in privacy, security and compliance
- Strong desire to stay at the forefront of security and compliance industry trends and developments
- Program/project management experience and knowledge of best practices
- Experience with large scale cloud-based technical environments preferred
- Experienced with SOC 2, ISO 27,000 series and GDPR preferred
- Experience with GRC tools preferred
- Experience in responding to client security assessments and questionnaires
- Experience with vendor risk management
- Experience with security incident response, a plus
- Strong research skills with attention to detail
- Adept at learning new technologies
- Cross-business group collaboration experience
- CISA, CISM, CISSP, ITIL v3 or similar, a plus