Manager of Security Governance, Risk, and Compliance

Cleveland, OH, US

Description

At Asurint, we’re building a leading information-based technology company in Cleveland, Ohio. Asurint is on a mission to help our customers succeed by bringing innovation, flexibility and personal ownership to background screening – all while addressing the changing regulatory landscape. We measure our efforts by the success our customers enjoy and the positive onboarding experience of their employees. We are succeeding because they succeed.

Summary

The Manager, Security Governance Risk and Compliance is responsible for partnering with all departments and/or individuals throughout the company to help drive continuous risk management and compliance improvement. This individual is also responsible for the management of the risk and compliance program and the overall governance and compliance per contractual, regulatory, industry, and legal requirements and regulations that apply to Asurint.

Responsibilities

  • Leads security professionals by providing direction, coaching, training, and development to the security team and manages the team’s performance to organizational goals and expectations.
  • Designs, enhances, manages, and oversees the implementation of the overall Security GRC program.
  • Leads the customer security compliance function and interfaces with customers to ensure Asurint meets regulatory and contractual obligations as well as customer expectations.
  • Develops and maintains the governance and compliance models regarding multiple regulatory and contractual requirements and obligations applicable to Asurint.
  • Manages and leads the SOC2 program within Asurint and liaises with legal, finance, and other departments to ensure security and IT controls are implemented, effective, repeatable and continuously improved upon throughout Asurint.
  • Recommends and oversees the implementation of secure and compliant solutions to meet current and future government and industry requirements.
  • Develops, tracks and manages the overall security risk program to ensure risks to Asurint are known, understood, mitigated and/or managed.
  • Manages vendors and outside service providers effectively; sets expectations and holds them accountable.
  • Provides support to ensure internal controls and processes are implemented and documented to provide compliance with regulatory and certification obligations.
  • Conducts independent internal audits and escalates findings and concerns as appropriate.
  • Partners with all internal business units to improve risk and governance processes, facilitate issue resolution, and to improve the overall risk posture of the company.
  • Other duties as required.

Requirements

  • Experience leading at the functional level is preferred.
  • Experience with multiple regulatory requirements including PCI-DSS, SOX, FCRA, GLBA, etc. is required.
  • Strong project management and/or continuous improvement skills are required.
  • Experience with information systems or technology audit frameworks is required.
  • Experience with the various security solutions and systems is preferred.
  • Prior customer experience dealing with regulations and compliance aspects is required.
  • Prior project management experience handling large and complex engagements and offerings is required.
  • Experience with the legal/court system as well as background screening is preferred.
  • Proficiency in MS Office (Outlook, Excel, Word) or similar software is required. Relevant business management systems such as general ledger, HRIS, CRM, etc. are required.
  • Education: Bachelor’s degree in computer science, information technology, information security, or a related field is required. Master’s degree is preferred.
  • Certifications or licensure: Certified Information Systems Auditor (CISA), Certified Fraud Examiner (CFE), Certified Information Systems Security Professional (CISSP) is preferred. If you do any work-related driving while at Asurint, a driver’s license and ability to maintain a driving record that is satisfactory to the company’s liability insurance carrier is required.
  • Years of relevant experience in security, internal audit, risk management or related field: 7 to 10 years is required.
  • Years of experience supervising employees or major projects: 2 to 4 years is preferred.

Working Conditions

  • The work environment involves everyday risks or discomforts that require normal safety precautions typical of offices, including the need for general safe workplace practices with office equipment and computers, avoidance of trips and falls, and observance of fire regulations.
  • This position is performed remotely within the United States or in an office setting in the Cleveland, Ohio headquarters, although off-site meetings in various settings may occur.
  • Inside Asurint’s office environment, the noise level is usually quiet to moderate.
  • In a remote setting, the employee is responsible for maintaining a safe and secure work environment, for arranging the off-site workspace in an ergonomically sound manner, and for maintaining standard Internet speeds in order to work effectively.   
  • In a remote setting, the employee is required to ensure that all equipment and records that are the property of Asurint but have been relocated to the off-site workplace, are maintained in a safe and secure manner and are used only for business purposes. 
  • The schedule is generally normal Eastern Time Zone business hours (unless otherwise communicated based on position or working location), although the employee may be required to perform work, attend meetings and events before or after normal working hours, and occasionally on weekends and evenings.
  • Some travel by personal automobile and a valid driver’s license may be required. Occasional overnight travel may be required.
  • Ability to lift light objects (less than 20 pounds) and carry them short distances (20 feet or less) is required.

Benefits

In exchange for your unique abilities, perspectives and teamwork, Asurint offers a competitive salary and an excellent benefit package -- with options you can select according to your needs -- which includes:

  • Medical, dental and vision effective first day of employment
  • 401(k) with employer match
  • Paid time off 
  • 10 company-paid holidays
  • Employee Assistance Program
  • Wellness Program
  • Paid Bereavement
  • Pet Bereavement
  • Pet Insurance
  • Volunteer time off
  • Telecommuting Stipend
  • Professional development programs
  • Short-term disability
  • Company-paid long-term disability 
  • Company-paid life insurance
  • Flexible spending/health savings accounts
  • Employee referral bonus

*Asurint is an equal opportunity employer. All applicants will be considered for employment without regard to race, color, religion, age, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.


Tags: Audits CISA CISSP Compliance Computer Science Driver’s license Finance GLBA Governance Risk management SOC 2 SOX

Perks/benefits: 401(k) matching Career development Competitive pay Flex hours Flex vacation Health care Home office stipend Insurance Salary bonus Team events Wellness

Region: North America
Country: United States