Senior Technical Risk and Compliance Manager
San Francisco - United States - San Francisco, California 94104 United States; Remote - Americas - Remote
Full Time Senior-level / Expert USD 125K - 196K
Atlassian
Atlassian's team collaboration software like Jira, Confluence and Trello help teams organize, discuss, and complete shared work.Overview
Working at Atlassian
Atlassians can choose where they work – whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company.
Responsibilities
What you'll do
Prepare annual audit plans, develop audit direction, and align with stakeholders on audit timetables
Lead and oversee a team conducting internal readiness testing for SOC 2, ISO 27001/27018, HIPAA, C5 and GDPR frameworks
Develop timeline for internal readiness assessment activities and obtain alignment from all stakeholders
Ensure all internal readiness assessment activities are finalized and completed per documented deadlines
Maintain comprehensive documentation of controls, testing procedures, and evidence to support compliance efforts
Work closely with internal stakeholders, including product and functional teams, to address architectural, infrastructure, or new services that impact compliance
Lead preparation for external audits by aligning on timeframes, roles and responsibilities, expected use of internal tooling and communication methods
Manage and coordinate external audit activity for SOC 2, ISO 27001/27018, HIPAA, C5 and PCI external audits - maintain a project plan, schedule necessary walkthroughs, and act as single point of contact for audit requests
Oversee the assessment and review of SOC reports of critical third party suppliers
Lead and oversee the design and operating effectiveness testing on predefined Privacy controls to ensure compliance with GDPR
Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of the readiness testing process
Develop controls and mitigation plans, and lead aspects of their implementation
Work with senior management to improve their controls portfolio
Provide regular status updates ensuring everyone is aware of progress and road-blockers
Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation
Manage the workload of team members
Identify and provide opportunities for career growth
Seek opportunities to improve processes and collaboration to increase team output and team health
Qualifications
Your background
Minimum 8 - 10 years of management experience in IT audit, compliance, or a related field
Engineering compliance experience with frameworks/standards like SOC 2, ISO 27001/27018, HIPAA, PCI, C5 and GDPR frameworks and requirements
Familiarity with compliance frameworks and standards such as NIST 800-53
Experience with the software development business for cloud service providers
Experience with Technology Risk Management, Compliance and Information Security
Experience establishing yourself as an expert leader
Experience developing goals that are aligned with business strategy and success metrics are identified
Experience with control and risk frameworks, performing compliance and risk assessments, creating controls and overseeing mitigation projects
Experience with translating compliance requirements to engineering and product teams
Experience with determining scope, timeline creation, complex project tracking, risk management, and process improvement
Familiarity with Jira and Confluence
Relevant certifications such as CISM, CISA, CISSP, or ISO 27001 Lead Auditor are highly desirable
Compensation
At Atlassian, we strive to design equitable, explainable, and competitive compensation programs. To support this goal, the baseline of our range is higher than that of the typical market range, but in turn we expect to hire most candidates near this baseline. Base pay within the range is ultimately determined by a candidate's skills, expertise, or experience. In the United States, we have three geographic pay zones. For this role, our current base pay ranges for new hires in each zone are:
Zone A: $150,300 - $196,225
Zone B: $135,900 - $177,425
Zone C: $125,100 - $163,325
This role may also be eligible for benefits, bonuses, commissions, and equity.
Please visit go.atlassian.com/payzones for more information on which locations are included in each of our geographic pay zones. However, please confirm the zone for your specific location with your recruiter.
Benefits & Perks
Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit go.atlassian.com/perksandbenefits.
About Atlassian
At Atlassian, we're motivated by a common goal: to unleash the potential of every team. Our software products help teams all over the planet and our solutions are designed for all types of work. Team collaboration through our tools makes what may be impossible alone, possible together.
We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.
To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team during your conversation with them.
To learn more about our culture and hiring process, visit go.atlassian.com/crh.
Tags: Audits C CISA CISM CISSP Cloud Compliance Confluence GDPR HIPAA ISO 27001 Jira NIST NIST 800-53 Privacy Risk assessment Risk management SOC SOC 2 Strategy
Perks/benefits: Career development Competitive pay Equity / stock options Health care
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.