Director, Governance, Risk & Compliance
Tacoma, Washington, United States
Full Time Executive-level / Director USD 153K - 236K
Infoblox
Infoblox unites networking and security, empowering customers to deliver better performance and protection and ensure their businesses thrive.

It’s an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc. magazine’s Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences that are inherently simple, scalable, and reliable for everyone. Infoblox customers are among the largest enterprises in the world and include 70% of the Fortune 500, and our success depends on bright, energetic, talented people who share a passion for building the next generation of networking technologies—and having fun along the way.
We are looking for a Director, Corporate Governance, Risk and Compliance located in Tacoma, WA, reporting directly to the CISO, who is based in California. In this role, you will contribute to the design of and monitor the control environment at Infoblox, with an eye on our current and future regulatory requirements, including SOC2, ISO, FedRAMP, SOX, and NIST CSF. At Infoblox we are taking a fresh and innovative approach at controlling, analyzing, and securing networks by intelligently managing core network services, DNS and DHCP.
You are the ideal candidate if you’re a dynamic self-starter who is comfortable with changing priorities and working cross-functionally with other teams to achieve our strategic objectives.
What you’ll do:
- Lead an established GRC team with 5 direct reports across multiple time zones to deliver on all aspects required of the GRC function at Infoblox
- Ensure that our current certification programs are maintained and annual audits are successful and well planned, including ISO27k, SOC2, SOX ITCG, and CAIQ
- Maintain a roadmap of upcoming certification requirements and activities
- Conduct risk assessments using industry standard frameworks, guide the risk management process, maintain a risk register, and manage remediation plans and exceptions
- Work with the Sales team to respond to security/compliance questionnaires of customers and vendors as required and maintain a knowledge database (currently in “Responsive”) of risk assessment questions and responses
- Manage third party risk—TPRM Program
- Establish and maintain security policies, metrics, and reporting and maintain policy documents on our internal website and externally on trust.infoblox.com
- Oversee our security awareness training/education, security champions, and phishing program
- Support collaborative working relationships with members of other functional teams within Infoblox
What you’ll bring:
- 10+ years of work experience in governance, risk, and compliance and/or information security and risk management
- Functional knowledge of the CISSP security domains and information security industry standards and best practices required
- Functional knowledge of applicable security frameworks and regulatory requirements, such as SOX, GDPR, ISO 27001, NIST-CSF, CAIQ, SOC2, and WebTrust; FedRAMP certification knowledge a plus but not a requirement
- GRC Tooling knowledge a plus, such as Diligence, ZenGRC, and MetricStream
- Ability to communicate risk methodologies and concepts to the business
- IT audit background and consulting experience is a plus
- Ability to work in a fast-paced environment and handle ambiguity, while meeting objectives and deadlines
- Excellent interpersonal skills and ability to work effectively with diverse and distributed teams
What success looks like:
After six months, you will…
- Establish control/leadership of all aspects of the current GRC Program
- Maintain staffing or hire additional staff if needed for scale
- Submit the next plan and budget, including financial and headcount
- Help materially improve the Security Compliance Response process, which is currently being automated via our new AI-based tool
- Roll out our Security Champions Program, along with other user education programs
After about a year, you will…
- Improve the efficiency of our certification programs, including combined audit and frameworks
- Achieve further gains in automation of TPRM/RFP/Security questionnaire processes
- Make improvements/integration in the Risk Management Program
- Mature GRC Toolsets and integrations
We’ve got you covered:
In the spirit of pay transparency, we are excited to share our compensation philosophy. At Infoblox, we believe in paying for performance. You can expect our employment offers to take many factors into consideration, including but not limited to the location of the role, internal equity, applicable past experience, individual skill set, education, and professional certifications. Please keep in mind that the range mentioned is the base salary range for the role. The typical base salary range for this position is $153,400 - $236,170 plus corporate bonus or commission potential.
Our holistic benefits package includes coverage of your health, wealth, and wellness—as well as a great work environment, employee programs, and company culture. We offer a competitive salary and benefits package, including a 401k with company match and generous paid time off to help you balance your life. We have a strong culture and live our values every day—we believe in transparency, curiosity, respect, and above all, having fun while delighting our customers.
Speaking of a great work environment, here are just a few of the perks you may enjoy, depending on your location…
- Onsite massages, clubs, farmers market, and fitness classes
- Delicious and healthy snacks and beverages
- Electric vehicle charging stations
- Outdoor amenities, seating, and courtyard BBQ
- Dog park and pet-friendly programs
- Newly remodeled offices with state-of-the-art amenities
Why Infoblox?
We’ve created a culture that embraces diversity, equity, and inclusion and rewards innovation, curiosity, and creativity. We achieve remarkable results by working together in a supportive environment that focuses on continuous learning and embraces change. So, whether you’re a software engineer, marketing manager, customer care pro, or product specialist, you belong here, where you will have the opportunity to grow and develop your career. Check out what it’s like to be a Bloxer. We think you’ll be excited to join our team.
Tags: Audits Automation CISO CISSP Cloud Compliance DNS FedRAMP GDPR Governance ISO 27000 ISO 27001 NIST RFPs Risk assessment Risk management SOC 2 SOX
Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Health care Salary bonus Snacks / Drinks Team events Wellness