AddressKaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.
Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture, please click here: Kaseya Culture.
Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD, being GRITTY, being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers, and the betterment of their careers and long-term financial wealth.
GRC Manager - Miami, FL
Full-Time Position
Are you ready to make an impact?
WHAT YOU’LL DO:
The Governance, Risk, and Compliance Manager is responsible for assessing and documenting Kaseya’s compliance and risk posture as they relate to its information assets.
The purpose of this position is to provide highly skilled technical and information security expertise for the development and implementation of the information security risk management program. Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis; intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards, and guidelines.
Reporting position: The GRC Manager reports to the Director of GRC.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Leadership
- Perform other duties as assigned to ensure the smooth functioning of the department and maintain the reputation of the organization as a viable business partner.
- Recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security incidents, decisions regarding risk, and measures for computer and network security.
- Operate with a high degree of independence regarding project management activities, including the development of project plans and budget/resource estimates.
Risk
- Lead the development and implementation of the system-wide risk management function of the information security program to ensure information security risks are identified and monitored.
- Internally assess, evaluate, and make recommendations to management regarding the adequacy of the security controls for the University's information and technology systems.
- Lead efforts in business continuity and crisis management.
Policy/Compliance
- Lead the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations.
- Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
- Execute strategy for dealing with increasing number of audits, compliance checks, and external assessment processes for internal/external auditors, PCI DSS, ITAR, HIPAA, NIST 800-171, and CIS.
Outreach/Awareness
- Interacts in both oral and written communications with all levels of System staff including all business units inside Kaseya, developers and other ITS staff, general counsel, and auditors, in matters related to information security and security awareness materials.
Audit
- Work with Internal Audit, Finance, and other business units inside of Kaseya.
- Work with outside audit firms for SOC 2 assessments.
- Coordinate and track all information technology and security-related audits including the scope of audits
Problem-Solving Skills
- Must be able to assess computer hardware, software, and systems for security risks or violations and work with ITS and campus staff and technology vendors to recommend solutions. Develop strategies to address awareness and training for all stakeholders as well as technical solutions. Must be able to assess the status of complex multi-location projects as well as identify and implement appropriate corrective measures to resolve issues as they arise. Must have a strong customer service orientation and the ability to project that attitude to customers in remote locations.
Contingency planning (IR, BC, DR)
- Actively engage other business units and develop IR, BC, and DR plans, Tabletop Exercises, and Business Impact Analysis of each business unit inside Kaseya.
WHAT YOU’LL BRING:
Minimum Qualifications
- 5-10 years of advanced IT skills with a high level of information security experience and expertise
- Knowledge of information security risk management frameworks and compliance practices.
- Knowledge of securing network technologies, client, and server operating systems.
- Ability to develop security standards and guidelines based on best practices and industry standards
- Experience responding to, analyzing, and communicating information security incidents
- 5-10 years of planning and managing security projects
- Excellent interpersonal, communication, and presentation skills, including formal report-writing experience
- Understanding of common security standards and regulations relating to a higher education environment (e.g., PCI DSS, FERPA, ISO2700x, etc.)
- Must be well versed with laws affecting the higher education and state/local government environments in the following areas:
- Student Privacy
- Health Care
- Finance
- State Regulations
Preferred Qualifications
- Bachelor’s degree in information technology or another related field
- Information security experience in higher education or state/local government
- Skills in documenting risk and compliance activities
- Information security-related training or certifications such as CISSP or CRISC
- Experience performing information security audits or risk assessments
- Familiarity with security auditing processes
- Must be familiar with writing policy and technical report writing
YOUR REWARD:
Join the fastest-growing tech company in the US. Earn a competitive compensation package that allows you to focus your attention on your passion in the heart of Miami's emerging tech and financial scene.
If this sounds like the right career to fit your personality and interests, please apply, we’re looking forward to meeting you!
Join the Kaseya growth rocket ship and see how we are #ChangingLives !
Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.
