Manager, Information Security & Compliance
Movable Ink is a software company that helps businesses earn attention in a world where time is precious and creativity is power. Founded in 2010, Movable Ink activates any data into real-time, personalized content in any customer touchpoint. Over 700 of the world’s most innovative brands rely on Movable Ink to accelerate their marketing performance. With more than 300 employees, the company is headquartered in New York City with operations throughout North America, Central America, Europe, Australia, and Japan.
The Manager, Information Security & Compliance will be a part of the team responsible for planning, implementing and maintaining the firm-wide privacy, security and compliance strategy to protect Movable Ink’s platform. You'll work closely with leaders from around the organization to support a strong security posture aimed at protecting especially our customers' data. This includes ensuring that information security controls are operating effectively and incrementally improved. Additionally, the Manager, Information Security & Compliance will lead a subset of privacy, security and compliance-related projects to enhance the Movable Ink platform.
Responsibilities:
- Contribute to the privacy, security and compliance strategy and planning process
- Help evaluate the design effectiveness of controls based upon industry best practice models
- Perform activities to measure and monitor successful implementation of controls
- Facilitate risk assessments, maturity assessments, and the evaluation of controls and measurements against policies, standards and processes
- Manage and deliver information security and compliance projects with positive outcomes
- Compile weekly, monthly, quarterly and annual reporting and metrics covering the current control set
- Manage critical aspects of the information security and compliance remediation process, especially as it relates to SOC 2 compliance
- Contribute to clients’ security questionnaire and assessment process
- Help manage the vendor risk management program for both prospective and existing providers
Qualifications:
- Experienced in risk management techniques such as control assessments, gap analysis, external or internal audit, risk management concepts and risk assessment methodologies.
- Experience reviewing legal documents or familiarity with laws and regulations related to privacy and security
- Experience in responding to client security assessments and questionnaires
- Prior experience with managing compliance programs such as SOC 2, ISO 27,000 series and/or GDPR.
- Experience managing projects in technical environments, preferably with a cloud-based footprint
- Experience working with data-driven products and related policies and technical controls, especially in martech or adtech, a strong plus
- Bachelor’s degree or equivalent experience; minimum 4 years of experience in information security and related compliance programs
- Strong desire to stay at the forefront of security and compliance industry trends and developments
- Program/project management experience and knowledge of best practices
- Experience with large scale cloud-based technical environments preferred
- Experience with GRC tools preferred
- Experience with vendor risk management
- Strong research skills with attention to detail
- Adept at learning new technologies
- Cross-business group collaboration experience
- CISA, CISM, CISSP, ITIL v3 or similar, a plus