Director, Security Compliance & Assurance

Hybrid
Sorry, this job was removed at 8:17 a.m. (PST) on Wednesday, March 24, 2021

Job Description

Tripactions is looking for a Director with experience leading programs to achieve and maintain ISO 27001, PCI DSS, GDPR, SOC 2 and other regulatory or compliance frameworks. This position reports directly to Tripactions's Chief Trust & Security Officer. The role manages all Security Compliance & Assurance activities for Tripactions and works across the company (Product, Engineering, HR, IT, Legal, etc.) performing internal audits, product assessments and other assurance and monitoring activities to ensure control requirements are implemented and operating effectively in accordance with relevant regulations and certification or framework requirements. The role also involves engaging with external parties, including auditors and customers, as needed.

The Director, Security Compliance & Assurance role is central to Tripactions's continued effort to expand and establish a trusted compliance posture across the organization. You will work closely with senior leadership, product teams and business functions in a highly visible role with significant impact on the overall direction of the company. This role will directly affect new commercial opportunities for the company.

As the Director, Security Compliance & Assurance, you will:

  • Develop and manage an internal, risk-based, prioritized Compliance & Assurance roadmap covering all applicable laws, regulations and monitoring activities
  • Motivate, mentor, challenge, inspire and grow the Compliance & Assurance team
  • Lead the team in performing planned, periodic assessments, audits and testing against all applicable security compliance controls, policies and standards
  • Communicate findings from assessments and audits to senior leadership and supporting teams
  • Develop a unified controls framework to be applied company-wide
  • Work closely with cross-functional teams (HR, Finance, Legal and others) to help them understand control gaps and integrate control requirements
  • Manage a team that engages directly with Product Engineering and other organizational teams on compliance and audit engagements and assessments
  • Perform audit testing and security compliance activities yourself while the team is being built out
  • Manage and communicate Compliance & Assurance timelines and the roadmap to supporting teams and leadership
  • Drive project activities to ensure requirements and schedules are met on time and within budget
  • Build an ongoing compliance and assurance function that maintains oversight of concurrent, company-wide programs and initiatives affecting security compliance
  • Develop metrics and reporting that demonstrate Compliance & Assurance status and progress
  • Report the Compliance & Assurance posture and its effectiveness to management on a scheduled basis
  • Work closely with the Security team on audit findings and related remediation
  • Provide ongoing guidance and consultation across the organization to promote a progressive and sustainable Security & Compliance Assurance program
  • Develop an effective customer assurance strategy and methodology
  • Develop an industry-recognized audit methodology
  • Use automation to test controls and implement exception reporting
  • Develop an automated testing strategy using recognized automated tools and techniques
  • Collaborate with Security to develop and implement a centralized audit evidence repository and GRC tool
  • Cross-train internal resources and develop team members' skills and expertise
  • Integrate ongoing changes to laws, regulations and frameworks into daily activities as required

Requirements:

  • 7-9 years of working experience in data security and compliance
  • 3-5 years of security compliance experience in a management role covering PCI DSS, ISO 27001 and SOC 2
  • 3-5 years of people management experience (directly managing internal or external teams)
  • Experience auditing against GDPR and other privacy-related laws or regulations
  • BS or MS in computer science or a related field
  • Expert understanding of PCI DSS, GDPR, ISO 27001 and SOC regulations and frameworks (required)
  • Expert understanding of cloud controls and environments
  • Expert understanding and demonstrated execution of PCI DSS, GDPR, ISO 27001 and SOC testing and audit procedures (required)
  • Strong understanding of, and experience auditing, a cloud environment (AWS)
  • Strong understanding of common compliance frameworks such as COBIT, COSO, ISO 27K and HITRUST, and of industry-recognized guidance such as NIST
  • A strong foundation in IT solutions development and deployment
  • Practical understanding of IT security compliance, risk management and information security principles, including access control, network security, information security architecture, information security operations, and leading practices and associated tools in a cloud environment (AWS)
  • Strong analytical, diagnostic, critical-thinking and project management skills
  • Excellent problem-solving, negotiation and decision-making skills
  • Superb ability to represent data in graphical form
  • Excellent written and oral communication skills
  • Strong engagement skills (internal and external)
  • Demonstrated experience managing compliance activities within a company (not just in a consulting capacity)
  • Demonstrated success managing and working with auditors
  • Demonstrated success managing and working with internal cross-functional teams and product engineering groups
  • Demonstrated success communicating and reporting to senior leadership
  • Experience assessing and working with GRC tools
  • Demonstrated experience creating compliance policies and standards
  • Positive, energetic personality; comfortable in front of groups and customers
  • Experience performing integration and acquisition assessments as they relate to compliance requirements
  • Demonstrated experience automating controls and applying an effective control automation strategy that leverages exception reporting
  • Excellent verbal and written communication skills, with the ability to tailor communication to a wide range of technical, clinical and cultural backgrounds; strong professional etiquette
  • CISA, CISM, CISSP, CSA CCSK, ISC(2) CCSP or another information security related designation (required)


Technology we use

  • Languages: Java, JavaScript, Kotlin, SQL, Swift, TypeScript
  • Analytics: Google Analytics, Tableau
  • Design: Figma, Photoshop
  • Management: Asana, Google Drive, Google Docs, Google Slides, JIRA
  • CRM: Chorus.AI, DocuSign, LinkedIn Sales Navigator, Outreach, Salesforce
  • Email: MailChimp
  • Collaboration: Slack, Zoom
  • Project Management: Asana

Location

181 Fremont St., 23rd Floor, San Francisco, CA 94105

An Insider's view of Navan

What are some social events your company does?

It may sound cliché, but Navan’s sales culture is ‘work hard, play hard’. Navan knows how to have fun and build an awesome culture. It's beyond your usual happy hours; I’m talking about incredible trips, gourmet handrolls, and lots of dogs! It’s safe to say I’ve met my best friends at Navan.

Nathaniel

Mid-Market Account Executive

How do you collaborate with other teams in the company?

The culture here promotes direct communication and mutual trust, fostering cross-functional collaboration among talented and driven coworkers. Our clear business goals empower us to work together and constantly challenge each other to raise the bar and deliver the best platform, experience, and partnership for our customers.

Jordan

Regional Director, Mid-Market Expense Sales

How has your career grown since starting at the company?

I've had the pleasure of sitting in 8+ roles here at Navan over the last 5 years (SDR to Regional Director). Being at a business with lofty goals and a "failure isn't an option" mentality opens the door to expedite career progression, constant new opportunities and projects, and the ability to learn from a one-of-a-kind leadership team.

Anna

Regional Director, Enterprise Expense Sales

What are Navan Perks + Benefits

Navan Benefits Overview

Our Benefits

We realize benefits are important as they support keeping you at your best at all times. Our benefits are here for you if you get sick or hurt, help you save for now and later, encourage you to take time off work and travel, and provide perks specific to being a Navan employee both in and out of the office.

Culture
  • Volunteer in local community
  • Partners with nonprofits
  • Open door policy
  • OKR operational model
  • Team based strategic planning
  • Pair programming
  • Open office floor plan
  • Employee resource groups
  • Employee-led culture committees
  • Hybrid work model
  • In-person all-hands meetings
  • President's club
  • Employee awards

Diversity
  • Diversity employee resource groups
  • Hiring practices that promote diversity

Health Insurance & Wellness Benefits
  • Flexible Spending Account (FSA)
  • Disability insurance
  • Dental insurance
  • Vision insurance
  • Health insurance
  • Life insurance
  • Pet insurance
  • Wellness programs
  • Mental health benefits

Financial & Retirement
  • 401(K)
  • Company equity

Child Care & Parental Leave Benefits
  • Generous parental leave
  • Family medical leave
  • Company sponsored family events

Vacation & Time Off Benefits
  • Unlimited vacation policy
  • Generous PTO
  • Paid holidays
  • Paid sick days
  • Flexible time off
  • Floating holidays
  • Bereavement leave benefits
  • Company-wide vacation

Office Perks
  • Commuter benefits
  • Company-sponsored outings
  • Free daily meals
  • Free snacks and drinks
  • Some meals provided
  • Company-sponsored happy hours
  • Onsite office parking
  • Pet friendly
  • Relocation assistance
  • Home-office stipend for remote employees
  • Mother's room

Professional Development Benefits
  • Job training & conferences
  • Lunch and learns
  • Promote from within
  • Mentorship program
  • Continuing education available during work hours
  • Online course subscriptions available
  • Customized development tracks
  • Personal development training
