Key Responsibilities:
- Assists in annual audits for industry specific reports, including ISO 27001, ISO 9001, ISO 14001, ISO 18001, IRAP-AUS, Cyber Essentials+, NHS-DSO, SOC1, SOC2, SOC3, PCI, HIPAA, HiTrust, CyberGRX.
- Ensure documents, projects, process, and product initiatives comply with regulatory and legal requirements and enterprise policy.
- Provide data and analytics in support of the risk officer and risk committees.
- Develop and recommend compliance solutions impacting the enterprise.
- Develop Risk Assessment process, charters, policies, methodologies, and reports.
- Participate in cross-functional workgroups, communication strategies, and planning meetings to develop solutions that meet the objectives of both the business and the IT Risk, Compliance, and Information Security team.
- Coordinate and respond to regulatory requirements and requests and ensure the execution of examinations.
- Conduct IT Risk and Information Security due diligence activities relative to vendors and third parties.
- Conduct risk assessments and documents findings where the deviation from an information security or IT Risk policy or standard is desired.
- Ensure risk remediation plans meet key business objectives and partners with the business owners to follows through with corrective action steps.
- Provide guidance on areas of security, privacy and regulatory compliance to Sales, Marketing, Product Development, Legal and Policy teams.
- Conduct analysis of risk rating, risk appetite, and provides data driven summaries to business leaders.
- Update internal control matrices where necessary to support annual changing environments.
- Executes the conduit between internal control owners and external auditors, including kickoff meetings, interview requests, closing meetings, and evidence gathering.
- Execute internal customer audits which include scheduling, presentation of the Rackspace compliance portfolio, and overseeing the successful visit in conjunction with Account Managers.
Qualifications:
- At least five years of related experience
- Bachelor’s degree in Computer Science, Computer Studies, Information Technology, Information Security or a related field.
- Prefer CISSP.
- Advanced knowledge gained through an IT Risk Management, Governance, Risk and Compliance, Information Security, Data Privacy, Vendor Management, and/or Business Continuity Management role in a global organization, professional services/consulting firm, or within a related industry.
- Understanding of Network Security, Data Center operations, build pipeline, and cloud infrastructure security.
- Deep understanding of Cloud Computing technologies and migration challenges.
- Ability to implement security controls, SCTMs. Technology/software sales, consulting, or equivalent skills.
- Ability to apply knowledge of vulnerability management, risk management assessment, and IA policy and procedures to develop, implement, and maintain a secure business environment.
Discover your inner Racker: Racker Life
- The anticipated starting pay range for Colorado is: $89.300 - $130,900. .
- The anticipated starting pay range for the states of Hawaii and New York (not including NYC) is: $95,000 - $139,260.
- The anticipated starting pay range for California, New York City and Washington is: $104,000 - $152,570.
About Rackspace Technology