In the role of Sr.Manager, Compliance at Box, you will be responsible for ensuring the continued success of Box's Technology Compliance Certifications while leading a high performing team. We're looking for someone to not only maintain the existing program, but to expand and build even stronger foundations at Box while supporting various audit requests. Falling under Box's wider Trust Office, this role requires a comprehensive understanding of the technology compliance landscape and various control frameworks. You will work with all functions of this fast-paced, rapidly changing business, and directly with key stakeholders to drive continuous improvement and communication and education with Box's internal and external customers.
The right person will be comfortable explaining Box's compliance posture to both internal and external customers, leading teams, providing technical and creative guidance to technical teams, and passing the baton to finish projects with ease and efficiency. If this is you, please read on!
Drive and lead compliance certifications and reports such as SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27018, PCI, and others
Manage and lead a high performing team
Provide compliance guidance on new product features and changes in the infrastructure
Support and drive both regulatory and customer audits
Drive improvements in existing processes and develop new innovative and efficient solutions
Communicate gaps to management and coordinate cross functional team meetings to remediate and close the control gaps
Manage the education and training of process owners about the Box controls framework
Build relationships with internal and external stakeholders
Accurately and effectively communicate our compliance position and programs to customers
Participate in contract review and negotiations with customers
Lead incoming and outgoing customer requests, including customer audits and information requests
BS degree in Business or Management Information Systems or related field
7+ years experience within a fast paced technology environment with a focus on audit or compliance
Big 4 experience preferred
CISA, CIA, CISSP or other related certifications a plus
Familiar with cloud computing and the acronyms that come with it - SaaS, IaaS, and PaaS
Extensive knowledge of at least 2 or more of the following compliance frameworks (SOC, ISO 27001, PCI, NIST 800-53, PCI, SOX)
Excellent written, verbal communication and presentation skills
Amazing organizational skills
Ability to hustle, get stuff done, and has strong integrity - make mom proud!
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.