Manager - Compliance and Information Security
Hyderabad, Telangana, India
Zenoti provides an all-in-one, cloud-based software solution for the beauty and wellness industry. Our solution allows users to seamlessly manage every aspect of the business in a comprehensive mobile solution: online appointment bookings, POS, CRM, employee management, inventory management, built-in marketing programs and more. Zenoti helps clients streamline their systems and reduce costs, while simultaneously improving customer retention and spending. Our platform is engineered for reliability and scale and harnesses the power of enterprise-level technology for businesses of all sizes
Zenoti powers more than 30,000 salons, spas, medspas and fitness studios in over 50 countries. This includes a vast portfolio of global brands, such as European Wax Center, Hand & Stone, Massage Heights, Rush Hair & Beauty, Sono Bello, Profile by Sanford, Hair Cuttery, CorePower Yoga and TONI&GUY.
Our recent accomplishments include surpassing a $1 billion unicorn valuation, being named Next Tech Titan by GeekWire, raising an $80 million investment from TPG, ranking as the 316th fastest-growing company in North America on Deloitte’s 2020 Technology Fast 500™. We are also proud to be recognized as a Great Place to Work CertifiedTM for 2021-2022 as this reaffirms our commitment to empowering people to feel good and find their greatness. To learn more about Zenoti visit: https://www.zenoti.com
Read more about our marquee customer event Innergize at Innergize 2024
What will I be doing?
- Own and manage the contractual certification requirements like SOC1, SOC2, ISO27001, HIPAA, and PCI DSS
- Plan and conduct internal reviews and audits in line with SOC1, SOC2, ISO27001, HIPAA, and PCI-DSS.
- Serve as a subject matter expert on at least 3 of the above standards/frameworks
- Assist internal stakeholders and work with control owners throughout the company on the process and documentation that supports compliance requirements.
- Define, Implement and Manage Policies, Procedures, Processes, and controls.
- Assess design effectiveness and continually monitor operating effectiveness of controls
- Conduct vendor risk assessments (Third Party Risk Management)
- Properly document the audit process, (including evidence gathered), and ensure all the audit issues are tracked to closure
What skills do I need?
- Atleast 8+ years of relevant experience in implementing, auditing, and managing certifications like SOC1, SOC2, ISO27001, HIPAA, and PCI-DSS
- Subject Matter expertise on at least 3 of the above-mentioned standards/frameworks
- Work as an Individual Contributor
- Experience and expertise in Vendor Risk Assessments
- Ability to perform Risk Assessments and Business Impact Analysis
- Be Proactive, organized, analytical, detail-oriented and persistent
- Certifications preferred: CISA, CISM, CISSP
- Previous Experience in a Product SaaS company is an advantage
Zenoti provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISM CISSP Cloud Compliance HIPAA ISO 27001 PCI DSS Risk assessment Risk management SaaS SOC 1 SOC 2
Perks/benefits: Startup environment Yoga
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.