IT Compliance Lead

WE ARE VERITONE 

Veritone (NASDAQ: VERI) designs human-centered AI solutions. Serving customers in the talent acquisition, media, entertainment and public sector industries, Veritone’s software and services empower individuals at the world’s largest and most recognizable brands to run more efficiently, accelerate decision making and increase profitability. Veritone’s leading enterprise AI platform, aiWARE™, orchestrates an ever-growing ecosystem of machine learning models, transforming data sources into actionable intelligence. By blending human expertise with AI technology, Veritone advances human potential to help organizations solve problems and achieve more than ever before, enhancing lives everywhere. To learn more, visit Veritone.com.

POSITION SUMMARY 

The Enterprise Governance, Risk, and Compliance Group is responsible for Veritone's compliance with the provisions of multiple regulatory frameworks providing certification that our internal control environment is operating effectively. The group reports administratively to the Chief Information Security Officer and works closely with key stakeholders across business units, corporate functions, technology, and the second and third lines of defense.

The Compliance Lead is responsible for the management and execution of IT-related components of the SOX, FedRAMP, SOC 2, and other programs, including key IT-related risk assessments, IT general controls, IT application and interface controls, and assessing the impact to business processes of the overall IT environment.

WHAT YOU’LL DO 

• Lead the transformation of the Enterprise Governance, Risk, and Compliance group and play a critical role in the refinement of the IT-related components of the SOX, FedRAMP, SOC 2 and other compliance Programs.
• Act as a change manager for continual improvement of the internal control environment.
• Assist in the strategic direction of the group, including IT program methodology, policies, templates, and procedures and provide recommendations for changes.
• Facilitate the planning, risk assessment and scoping activities for IT processes, including assessment of recent systems implementation that may impact the design and/or operating effectiveness of internal controls
• Lead walkthrough processes and collaborate with IT partners to identify areas where control enhancements and/or documentation improvements are needed (both process narratives and data flow diagrams).
• Oversee coordination between internal team members, internal and external auditors, and system/control owners to ensure cohesive and collaborative execution.
• Review testing approach and align expectations with external auditors to ensure documentation and testing complies with industry standards (including NIST and PCAOB) and allows for reliance by the external auditors.
• Review SOX testing for key general IT controls (ITGCs), IT application controls (ITACs), critical interfaces, and key reports/spreadsheets.
• Facilitate training with control owners and lead technical and process workshops. 
• Maintain a high level of visibility across the organization with various levels of Management and serve as a key point of contact within the Security and Compliance Team.

WHAT YOU'LL NEED 

• Bachelor's Degree OR 4 years of relevant experience
• 7 years of experience in public accounting or large company IT audit, IT risk consulting and/or leading SOX program support/execution, Big 4 preferred
• Professional certification including CISA, CIA and/or CPA required
• Demonstrate and apply a thorough understanding of IT-related risks and controls for complex information systems, i.e. microservice and/or cloud computing environments.
• Deep understanding of risk management methodologies, frameworks, and principles (e.g., SOX, COBIT, NIST) to evaluate and recommend optimal approaches to mitigating risk
• Strong knowledge of technology environments, including information security, infrastructure, data and software development (Cloud technologies, Windows, UNIX, Databases, Workday, etc.)
• Experience managing a team consisting of internal and outsources resources, including reinforcing performance in others, and facilitating their skill development
• Proficiency with Microsoft Office and Google Workspace

BONUS POINTS IF 

• Bachelor of Science Degree in Engineering Technology, Computer Science, or equivalent
• Relevant professional certifications in Information Security or Governance Risk Compliance Management is a plus, such as CISA, CISM, CRISC, CGEIT, CSX-P, CISSP, CCSK
• Current or former Federal government employee with information assurance responsibilities.
• Understanding of Cloud, SaaS, and IoT architectures, and their implications on information security strategy. 
• Proficiency with Atlassian products, G-Suite applications, and GRC tools, such as ZenGRC / ServiceNow / MetricStream
• Strong understanding of AI solutions and AI enablement across multiple verticals

Investigation / Clearance

• Must be a U.S. Citizen with the potential ability to obtain a Public Trust investigation (Tier 2) and / or Secret Clearance.

WHAT WE OFFER 

• An incredible opportunity to impact AI for good and empower the human with AI solutions and services
• A competitive compensation package
• Participation in the Company’s Equity Program 
• Remote first + Hybrid workplace
• VERI Communities (Affinity Groups) & Belonging
• Empowerment to build your career journey at Veritone
• Flexible (Paid) Time Off
• Benefits Program: medical, dental, vision, 401K matching, and more!
• Mental health awareness and support

OUR CULTURE

• Loves learning & continuous growth; stays current on marketing trends
• Can juggle multiple projects, priorities, and deadlines with a positive attitude
• Comfortable in a fast-paced, small company environment
• Collaborative and always contributing value
• Driven to win as a team
• Remote first workplace
• Check us out!

Veritone is a leading provider of artificial intelligence (AI) technology and solutions. The company's proprietary operating system, aiWARE, orchestrates an expanding ecosystem of machine learning models to transform audio, video and other data sources into actionable intelligence. We love to continuously grow while staying ahead of trends and creating structure in an unstructured world. 

If you’ve made it this far and align with our goals, we look forward to reviewing your qualifications!

DISCLOSURE

Our company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.

(Colorado & California Only*): A total annual salary range of $123,000.00 to $150,000.00 will be offered for the role. This base pay is for illustrative purposes only and will be determined based on skills and experience comparable to the job requirements. This position may be eligible for additional compensation and benefits including but not limited to: incentive compensation; health benefits; retirement benefits; life insurance; paid time off; parental leave and benefits; and other employee perks and benefits.

*Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when being hired in California & Colorado.

#LI-DS1 
#LI-REMOTE

#pandoiq