What we are looking for:

We're looking for you to join our information security organization as a Senior Global Risk Compliance Manager. Reporting to our Vice President, Chief Information Security Officer, you'll coordinate and execute initiatives across a broad spectrum of governance, risk, and compliance disciplines. Your team will manage compliance and certifications, perform risk management activities, manage 3rd party assurance, and assist sales with customer/prospect inquiries.

In this role, you will: 

• Create, deploy, and manage policies, procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices as part of a controls assurance program
• Conduct formal risk analysis and self-assessments program for various Information Services systems and processes
• Directly support front-line sales professionals through the operation of a customer security management office (CSMO)
• Be responsible for creating, deploying, and managing a comprehensive global privacy protection program
• Deploy and maintain a 3rd party vendor assurance program
• Identify, analyze, and implement process improvements and effectively communicate and lead change management initiatives
• Work cross functionally to advocate on behalf of both customers and technology professionals needs with internal teams including engineering, product, and IT
• Successfully drive adoption of processes and key metrics that improve performance
• Demonstrate technical understanding of the Quickbase product, the PaaS market, as well as SaaS sales models

Ideally, you'll have:

• 7+ years of information risk management experience, including direct experience building programs aligned with a leading regulatory compliance framework such as PCI, SOC2, FedRAMP, or ISO 27001
• 3+ years of experience interfacing with customers and sales professionals describing information security best practices and internal controls
• Demonstrated experience leading the implementation of a leading regulatory compliance framework such as PCI, SOC2, FedRAMP, or ISO 27001 and communicating requirements to a broad audience
• Demonstrated familiarity and experience with international privacy programs, including GDPR and CCPA/CPRA
• Demonstrated success contributing to a culture of collaboration and cooperation, leading to the professional development of others
• Demonstrated success driving adoption and utilization of information risk processes and key metrics