Global Governance Risk and Compliance Director

Syniverse is the world’s most connected company. Whether we’re developing the technology that enables intelligent cars to safely react to traffic changes or freeing travelers to explore by keeping their devices online wherever they go, we believe in leading the world forward.  Which is why we work with some of the world’s most recognized brands. Eight of the top 10 banks. Four of the top 5 global technology companies. Over 900 communications providers. And how we’re able to provide our incredible talent with an innovative culture and great benefits.

Who We're Looking For

The Global Governance, Risk and Compliance Director will oversee and coordinate the company’s governance, risk, and compliance (GRC) activities in relation to data privacy, IT audit, and information security, reporting directly to the Chief Security and Risk Officer and leading a global team responsible for risk management and corporate compliance. The scope of this role carries direct responsibility for global compliance policies, processes, and standards. The role will align the Security GRC and IT audit programs with corporate objectives and address all aspects of GRC including administration, enforcement, compliance, education, investigation, and contingency planning.

-

Some of What You'll Do

Principal Duties and Responsibilities:

• Collaborate to define, implement, and administer company GRC policies and guidelines, and ensure their consistency with other relevant statutes, policies, and guidelines.
• Provide guidance and work with process owners to identify and remediate control weaknesses to ensure compliance with customer and regulatory requirements.
• Monitor the regulatory and statutory landscape on GRC and data privacy issues, keeping Syniverse personnel and senior leadership apprised of any relevant developments impacting the company’s business goals and objectives, and recommending appropriate courses of action as needed.
• Oversee and direct GRC team contributions to public company readiness and upkeep.
• Contribute to security and privacy risk evaluations and coordinate response actions in the event of any suspected data breach to ensure Syniverse responds in a timely manner that is consistent with statutory, regulatory, and contractual obligations.
• Lead internal team that is responsible for providing responses to security requirements in customer contract security clauses, RFPs, and audits.
• Lead internal team that is responsible for performing and coordinating third-party risk assessments.
• Support and contribute to Syniverse’s ongoing security training and awareness program.
• Lead internal team that is responsible for identifying needs, developing, and maintaining Critical Security Risk information.
• Oversee continuing implementation and maintenance of an information security framework.
• Assist and advise on the development of the annual audit plan and Audit Committee status reporting.
• Contribute to the annual enterprise risk assessment and perform special projects for Management as assigned.
• Stay current on GDPR and privacy issues relating to data privacy compliance, prepared to assist and act as a point of contact as needed.
• Work directly with the data protection officer (DPO) and Privacy Program to ensure company adherence to data privacy and data governance requirements.
• Manage and develop teams’ knowledge on GRC and data privacy matters.
• Advise on GRC matters and recommend courses of action to the Chief Security and Risk Officer.

 

Job Requirements:

• BS in Computer Science, Information Systems, Cybersecurity, or related field
• 10+ years’ experience in an information security environment
• 5+ years’ supervisory or management experience
• Strong experience with Governance, Risk and Compliance for controls and policy, IT Control self-assessment and measurement, remediation and exception management, reporting and advanced IT risk evaluation and compliance dashboard
• Governance, Risk and Compliance leadership experience in a public company strongly preferred
• Expertise with data privacy legislation, including GDPR and similar regulations or statutes, and ability to leverage other internal/external resources with knowhow in dealing with data protection laws and requirements
• Familiarity with the Sarbanes-Oxley Act, System and Organization Controls framework, PCAOB, AICPA and SEC guidance related to audits of the internal control environment, as well as the COSO and COBiT frameworks
• Demonstrated expertise and leadership in risk frameworks
• Strong background in contract negotiations, particularly legal language regarding audits, compliance, privacy and security provisions
• Certification as a CISSP, CISA, or other GIAC or related certification(s) desired
• Project management experience desirable
• Technology experience in a variety of IT environments
• Security vulnerability assessment/mitigation experience
• Demonstrated experience in data analysis using known data tools or software to perform queries

 

The above statements are intended to describe the general nature and level of work being performed by people assigned to this job.  It is not designed to be utilized as a comprehensive list of all duties, responsibilities, and qualifications required of employees assigned to this job.

-

Why You Should Join Us

Join us as we write a new chapter, guided by world-class leadership. Come be a part of an exciting and growing organization where we offer a competitive total compensation, flexible/remote work and with a leadership team committed to fostering an inclusive, collaborative, and transparent organizational culture.

At Syniverse connectedness is at the core of our business. We believe diversity, equity, and inclusion among our employees is crucial to our success as a global company as we seek to recruit, develop, and retain the most talented people who want to help us connect the world.

Know someone at Syniverse?

Be sure to have them submit you as a referral prior to applying for this position.