Information Security Compliance Manager

MA-One Cranberry Hill

Job Description:

IS Compliance Manager:

Rakuten International oversees 7 businesses with over 4,000 employees globally. The brand is recognized for its leadership and innovation in e-commerce, digital content, advertising, entertainment and communications, bringing the joy of discovery and access to more than 1 billion members across the world. Our teams deliver on the company’s mission to delight merchants and customers through innovation, optimism, and teamwork.

Cartera Commerce, a Rakuten company that is the pioneer and leader in online cash back shopping and a subsidiary of the global Internet services company, is looking for experienced, talented and passionate individuals to join our growing team. Cartera Commerce’s loyalty solutions serve clients ranging from major airlines to top banks; we partner with elite companies that use loyalty programs to reward their customers. We help those customers earn more rewards by shopping with over 1,000 online retailers. If you want to join a dynamic team, please apply. Cartera Commerce is based in Lexington, Massachusetts.

The Information Security Compliance Manager will be part of the CISO organization with Rakuten Rewards (formerly Ebates), tasked with driving and managing cross-functional Information Security related policy and procedure creation along with running audit programs for PCI, SOC, and ISO certifications. This role requires experience in working cross-functionally across departments and organizations, including Information Security, Engineering, Technology Operations, Product Management, Change Management, and Legal. We are looking for a new hire who will be based in our Lexington, MA office of Cartera. While the primary work location will be in Lexington, the reporting leader will be in a different office. Strong communication and collaboration skills will be essential for effective remote coordination.

Key Responsibilities:

  • Maintain a framework of information security policies and oversee the creation of procedures to enforce policies across multiple functional groups
  • Drive the PCI and ISO compliance programs by maintaining appropriate policies and procedures governing data, networks, and web services
  • Review audit reports, identify gaps, and create tasks for the respective groups to remediate the gaps
  • Assess gaps in information security governance, risk management and compliance, and manage the remediation of issues with the help of cross-functional, matrix-managed resources
  • Information security incident management, risk management, business continuity management, root cause analysis and communication with affected parties
  • Manage the program to deliver internal staff training programs, such as secure SDLC, as part of best practice, regulatory and PCI compliance requirements
  • Lead, develop, and implement information security programs and projects
  • Manage multiple tasks and projects to meet partner contractual obligations, data protection laws, and regulatory needs under the guidance of legal counsel and information security architects

Minimum Requirements:

  • ECommerce / Online services company audit and compliance expertise
  • Experience in matrix managing compliance and risk programs
  • PCI, ISO, SOX, SOC Compliance knowledge
  • Industry certifications such as CISA, CISM, or CISSP are a plus
  • Strong documentation, policy creation, risk-benefit trade-off decision making and communication skills

Qualification Requirements:

  • Bachelor’s degree in Business Management, Accounting, Information Management or a related field
  • 5 years of experience in internal or external information security and compliance audits
  • Experience in a renowned audit practice firm is preferred

Five Principles for Success
Our worldwide practices describe specific behaviors that make Rakuten unique and united across the world. We expect Rakuten employees to model these 5 Shugi Principles of Success.

  • Always Improve, Always Advance - Only be satisfied with complete success - Kaizen
  • Passionately Professional - Take an uncompromising approach to your work and be determined to be the best
  • Hypothesize - Practice - Validate - Shikumika - Use the Rakuten Cycle to succeed in unknown territory
  • Maximize Customer Satisfaction - The greatest satisfaction for our teams is seeing their customers smile
  • Speed!! Speed!! Speed!! - Always be conscious of time - take charge, set clear goals, and engage your team

Rakuten provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type. Rakuten considers applicants for employment without regard to race, color, religion, age, sex, national origin, disability status, genetic information, protected veteran status, sexual orientation, gender, gender identity or expression, or any other characteristic protected by federal, state, provincial or local laws.

At the time of posting, Rakuten expects the base compensation for this role to be within the range shown below. Individual compensation will vary based on job-related factors, including the skills, qualifications, and experience of the successful candidate as well as business need and geographic location. The successful applicant for this role will be eligible for discretionary bonus, health, vision, dental insurance, 401k matching, PTO, Volunteer Time Off (VTO), and other employee benefits as the company implements.

USD $88,357.50 - $150,040.00 annually

Tags: Audits CISA CISM CISO CISSP Compliance E-commerce Ecommerce Governance Risk management SDLC SOC SOX

Perks/benefits: Health care Insurance Salary bonus

Region: North America
Country: United States
