Program Manager, Compliance
Mountain View, California
Born from X, Alphabet's moonshot factory, Chronicle is advancing cybersecurity for enterprises of all sizes. We are dedicated to helping companies find and stop cyber attacks before they cause harm. We work with the entire security industry to give good the advantage in the fight against cybercrime. Joining experts in large-scale cloud computing, big data, machine learning, and cybersecurity, you'll help build out the next generation of security intelligence solutions.
Chronicle is developing cybersecurity solutions for companies of all sizes. We believe our platform can give customers the breakthrough capabilities they need to better understand threats in the world and in their networks.
At Chronicle, our customers come first, and the Systems Infrastructure team is at the heart of that promise. We build the technologies that transform the way we think about doing business. We're back-end experts: protecting your privacy and ensuring your security.
As a Program Manager for Compliance, you will lead complex, multi-disciplinary projects. You plan requirements with internal customers and usher projects through the entire project lifecycle. This includes managing project schedules, identifying risks and clearly communicating goals to project stakeholders. Your projects often span offices, time zones and hemispheres, and it's your job to keep all the players coordinated on the project's progress and deadlines.
You will create and drive a program to tighten the data security and governance practices we have over our internal data. You will work closely with cross-functional teams to analyze, define and verify current and future control solutions to manage risk to sensitive data. You will also drive execution of remediation plans. Additionally, you will measure and improve current processes and designs to facilitate increased efficiency and execution.
- Coordinate, manage and facilitate compliance processes with internal and external stakeholders to provide timely deliverables and rapid remediations.
- Identify, assess, and advise on IT and business-related risks and control weaknesses continuously.
- Deliver project reporting utilizing tools to track planning, scheduling, issues, risks and overall status of compliance efforts.
- Drive the coordination and execution of ongoing data governance, access management, data protection, secure SDLC and security monitoring processes proactively across Chronicle’s business and corporate environment.
- Assist with technical issues and advise on control requirements as needs arise.
- BA/BS degree in Computer Science, Engineering, Management Information Systems, or equivalent practical experience.
- 4 years of experience with governance and security processes and controls at the systems, network and application level.
- Experience with security compliance frameworks, controls, and best practices: FedRAMP/FISMA (NIST SP 800-53), AICPA Trust Principals (SSAE 16 - SOC 2 and 3), ISO 27000 Series, PCI DSS, SANS CIS Critical Security Controls, regulations governing personally identifiable information (PII), and other regulatory compliance frameworks.
- Compliance, information security, IT audit and/or risk management experience (FedRAMP/FISMA, ISO 27001, PCI, HIPAA, SOC, SOX, and others).
- Relevant professional certifications including CISSP, CISA, GIAC or related information security certifications.
- Experience with projects using software development life-cycles and methodology.
- Experience with disaster recovery planning; continuity planning; risk assessments, threat modeling and vulnerability management programs; and/or software, systems and solutions development and delivery.
- Strong interpersonal skills; ability to work closely with people at all levels of the organization to facilitate the implementation of compliance programs including requirements consultation, readiness, audit and remediation.
- Excellent written, verbal and presentation communications skills.