Sr. Technology Compliance Product Owner

Our Company

Changing the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. 

We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!

What You Will Do

• Contribute to the expansion of Adobe’s Common Control Framework adoption throughout the organization, while actively refining and improving the framework to meet evolving needs and industry standards.
• Perform information security assessments covering domains such as user access management, network security, OS & application security, encryption, backup management, disaster recovery, physical security, and training & awareness.
• Drive technology compliance activities across Adobe under the supervision and guidance of the TechGRC manager.
• Coordinate with internal organizations at multiple levels to ensure security compliance and risk posture are maintained.
• Liaise with external auditors and customers to provide assurance regarding Adobe’s security compliance program.
• Identify internal control issues, ensure they are well-defined, and determine root causes.
• Assist in implementing and managing compliance programs, ensuring adherence to relevant standards and frameworks (e.g., SOC2, ISO, evolving regional compliances).
• Document audit procedures performed, ensuring audit methodology is consistently followed and conclusions are appropriately reached.
• Build and maintain compliance dashboards to provide a holistic view of the organization's compliance posture.
• Collaborate and coordinate activities with the TechGRC team based across multiple geo-locations.

What You Need to Succeed

• Bachelor's or Master's degree with a focus in Information Technology, Information Systems, Computer Science, or a related field.
• Minimum of 3-6 years of experience in the field of security, GRC, or a related field.
• Hands-on experience with AWS & Azure environments.
• Knowledge of compliance frameworks (e.g., SOC2, ISO, NIST, PCI, HIPAA).
• Familiarity with core IT processes/services such as SDLC, identity/user access management, backup, and disaster recovery processes.
• Good knowledge related to Container/ Kubernetes security.
• Ability to quickly change priorities and handle simultaneous tasks with strong analytical and problem-solving skills.
• Excellent communication and social skills to convey security compliance needs to both business and IT technical staff.
• Strong interpersonal, verbal, and written communication skills. The candidate must be a team player and possess strong organizational and planning skills.
• Ability to communicate effectively with both business and IT technical staff, including IT and business management.
• Ability to anticipate questions, independently assess risk, and think critically and creatively.
• Ability to work collaboratively in a fast-paced environment.

Adobe is proud to be an Equal Employment Opportunity and affirmative action employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more.
 

Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call (408) 536-3015.

Adobe values a free and open marketplace for all employees and has policies in place to ensure that we do not enter into illegal agreements with other companies to not recruit or hire each other’s employees.