The Senior Manager, IT Security Governance, establishes, documents and publishes mature IT Security policies, practices, processes, procedures, standards and guidelines and assures that all members of the workforce are sufficiently aware and adequately trained on their responsibilities.
Working with the other IT Security groups, Legal and Compliance teams, the Senior Manager will establish a framework of security controls that assures compliance with all relevant internal and external authoritative sources (regulatory and contractual). The Senior Manager will ensure that all security practices are mature, automated via eGRC software (where possible) and aligned with senior leadership direction.
The Senior Manager must clearly interpret the impact of new obligations in order to ensure that all formal policies, procedures, standards, practices and guidelines meet or exceed requirements in alignment with Endurance International Group’s business priorities and tolerance for risk.
What you’ll do:
- Establish, document, publish and maintain a framework of security controls that assures compliance with all relevant internal and external authoritative sources (regulatory and contractual)
- Establish, document, publish and maintain all internal IT Security policies, procedures, standards and guidelines
- Establish, document, publish and maintain a security awareness and training program that facilitates a security-conscious culture
- Manage and lead a team of IT Security Governance Management professionals
- Monitor and analyze trends in IT security governance management in order to update appropriate IT security policies, procedures, standards, practices and guidelines and strengthen internal operations
- Provide subject matter expertise on IT Security Governance Management practices as necessary to support business operations
- Report to leadership in a format that illustrates performance while identifying areas for improvement
- Review all operational risk management practices and ensure that they are effectively and efficiently automated and integrated between our eGRC software and other process automation tools in use by stakeholders (where possible)
- Review contracts and other legal documents in order to provide consultative advice on matters pertaining to IT security, governance, risk and compliance
- Translate legal expectations into IT operational practices and ensure compliance with guidance from Counsel
- Understand and leverage the tools and techniques necessary to evaluate the effectiveness of IT services and operational lifecycles, including product/software/application development and system acquisition
- Lead and coordinate the response and recovery activities from information security incidents, and manage function-related business processes, including:
  - Collaborating with appropriate business partners and lines of business to analyze and contain information security incidents;
  - Establishing oversight of information security incidents and communicating analysis, containment, and remediation efforts to all involved partners;
  - Determining the root cause of incidents and working with stakeholders and responsible parties to remediate any identified control gaps or failures;
  - Escalating issues to management in a timely manner with appropriate information regarding risk, action times, and root cause analysis;
  - Maintaining & utilizing incident response & recovery plans; and,
  - Exercising independent judgment in methods, techniques and evaluation criteria for obtaining results
Who you are:
- At least 8 years of experience required in one or more of the following areas: IT Governance, Audit, Compliance Management, IT Organization Management, IT Security and Continuity Management, Application Portfolio Management, or System and Network Management
- At least 6 years of experience required in developing and executing quality control compliance programs within information technology areas with experience and solid knowledge of IT-related processes such as system and information security, system development and change management, computer operations, and data protection
- Ability to lead a core team of IT compliance analysts while managing contracted compliance personnel during periods of increased demand
- Demonstrated understanding of IT compliance and audit management principles and risk-based information technology and security governance software for identifying critical risks, adhering to compliance requirements, and objectively prioritizing which concerns require increased attention and allocation of resources
- Ability to effectively manage projects and complete multiple tasks simultaneously and efficiently while maintaining a sense of urgency and attention to detail
- Able to evaluate and analyze complex data to assess compliance and formulate sound decisions and justifications
- Strong project management, written, and verbal communication skills
- Education: Bachelor’s Degree preferred
Why you’ll love us:
- Love fitness? So do we! Enjoy our free fitness center, just a short stroll away, and outdoor yoga all summer long.
- We know you’re more than what you do from 9-5. Whether you can’t learn enough about Ayurveda, or prefer to spend free time walking shelter dogs at your local animal rescue, we support however you fuel your passion when you’re not fueling our brands. Our employees use our products for free (or at a deep discount!) to help them refine their passion projects.
- We keep you well fed and hydrated. Daily breakfasts, healthy snacks, flavored seltzer dispensers, and lunch every Friday. And don’t miss our bar with four rotating taps and Willy Wonka-style candy counter.
- We volunteer. A lot. Through partnerships with local charities like Rosie’s Place, Junior Achievement, and Lazarus House, our teams are routinely out in our community giving back and doing good.
- Plentiful parking. Park further away to get your steps, or as close as you can to the entrance - it doesn’t matter to us, because there’s plenty of free onsite parking and electric car charging stations.
- Stretch your legs. We have stand-up desks, and if you’re really motivated, you can do a few miles on the treadmill desks. We have communal seating to work and chat if you need a fresh view. Go ahead, get moving!
- We’ve got you covered. From 401k, generous PTO, tuition reimbursement, casual dress code and excellent medical, dental, and vision - we’re there for you!