Leader of TPM, Infrastructure Risk and Compliance
San Jose, California, United States
This is a leadership role within the infrastructure engineering team, responsible for managing a group of Risk & Compliance Program Managers. The Infrastructure Risk and Compliance team collaborates across various teams to develop a practical, value - driven, and collaborative framework. This framework enables and safeguards infrastructure domains to achieve their strategic goals by identifying, assessing, prioritizing, and remediating risks. As a result, it ensures that our organization meets our Trust and Safety objectives and complies with legal and regulatory obligations. Functioning as the department's Second Line of Defense, the team proactively identifies risks, effectively mitigates them, and rigorously manages them. Moreover, the team plays a crucial role in preparing the entire organization for both external and internal audits.
Core Focus Areas include:
- Infrastructure Physical Security
- Infrastructure Cyber and System Security
- Regional Compliance for Infrastructure Deployment and Operations: Ensures that infrastructure projects adhere to territorial regulations and compliance standards.
- Commercial Integrity and Third - Party Risk Management: Ensures ethical commercial practices and mitigates risks associated with external parties.
Responsibilities
- Establish our management framework by concentrating on our core domains of Privacy, Data protection, Physical Security, and Cybersecurity, and by adhering to industry standards such as SOC2, ISO 27001, NIST2, and other regional regulatory requirements.
- Identify and evaluate risks through the operation of our Risk and Compliance Management Framework.
- Develop efficient strategies to manage and remediate those risks through close collaboration with functional teams and by building cross-functional partnerships with legal, GR, PR, and other teams to leverage their expertise.
- Serve as the point of contact within the organization for handling internal and external audits. Implement improvement plans based on audit results.
- Manage a global team of Risk and Compliance TPMs.
Locations: San Jose, Seattle
Core Focus Areas include:
- Infrastructure Physical Security
- Infrastructure Cyber and System Security
- Regional Compliance for Infrastructure Deployment and Operations: Ensures that infrastructure projects adhere to territorial regulations and compliance standards.
- Commercial Integrity and Third - Party Risk Management: Ensures ethical commercial practices and mitigates risks associated with external parties.
Responsibilities
- Establish our management framework by concentrating on our core domains of Privacy, Data protection, Physical Security, and Cybersecurity, and by adhering to industry standards such as SOC2, ISO 27001, NIST2, and other regional regulatory requirements.
- Identify and evaluate risks through the operation of our Risk and Compliance Management Framework.
- Develop efficient strategies to manage and remediate those risks through close collaboration with functional teams and by building cross-functional partnerships with legal, GR, PR, and other teams to leverage their expertise.
- Serve as the point of contact within the organization for handling internal and external audits. Implement improvement plans based on audit results.
- Manage a global team of Risk and Compliance TPMs.
Locations: San Jose, Seattle
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Compliance Jobs
Leadership Jobs
Tags: Audits Compliance ISO 27001 Privacy Risk management SOC 2
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Product Security Engineer jobsInformation Security Specialist jobsSenior Security Analyst jobsSenior Cloud Security Engineer jobsSenior Cybersecurity Engineer jobsSystems Engineer jobsSystems Administrator jobsSenior Information Security Analyst jobsSenior Network Security Engineer jobsInformation Security Manager jobsCyber Security Specialist jobsIT Security Analyst jobsIT Security Engineer jobsSecurity Consultant jobsSecurity Specialist jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Cyber Security Engineer jobsSenior Information Security Engineer jobsSenior Product Security Engineer jobsCyber Threat Intelligence Analyst jobsSecurity Operations Analyst jobsCyber Security Architect jobsCybersecurity Specialist jobs
Encryption jobsEDR jobsTS/SCI jobsBash jobsJava jobsThreat detection jobsSplunk jobsTerraform jobsIDS jobsMalware jobsSQL jobsIPS jobsSDLC jobsTop Secret jobsRMF jobsSOC 2 jobsFinance jobsForensics jobsDocker jobsGIAC jobsActive Directory jobsCompTIA jobsIntrusion detection jobsOWASP jobsITIL jobs
VPN jobsAnsible jobsHIPAA jobsIT infrastructure jobsTCP/IP jobsOSCP jobsData Analytics jobsDoDD 8570 jobsCRISC jobsClearance Required jobsMITRE ATT&CK jobsBanking jobsCCSP jobsUNIX jobsNIST 800-53 jobsZero Trust jobsSOAR jobsEndpoint security jobsSAP jobsDNS jobsSOX jobsMachine Learning jobsJavaScript jobsCISO jobsIndustrial jobs