Contact us about our enterprise services: email | phone | chat

  • Paranoids Sr Manager, Risk and Compliance

    Oath

    The Technical Manager position is within the Oath Paranoids Security group whose mission is to deliver information security solutions and services that protect Oath information assets, computing infrastructure, applications and data. Among other duties, the manager will lead the Risk and Compliance Team under the Security Risk Organization which performs a number of risk management activities. The Sr Manager will manage a small dedicated team and is expected to be a hands-on manager with overall responsibility for the team’s duties and performance.

Description

The team responsibilities include the following:
Risk Management: The team is responsible for the management and execution of Oath risk management program. The program encompasses the analysis, documentation and tracking of all Oath security risks.
Security Policies, Standards and Procedures: The team is responsible for the creation and maintenance of Oath security policies, standards and procedures.
Third Party Vendor Risk Management: The team is responsible for the the analysis, documentation and tracking of all 3rd party vendor security risks.
The Sr. Manager is expected to bring new insights and capabilities that will drive the progress of the risk management team at Oath. The technical manager will work directly with the business units and acquisitions to identify acceptable levels of risk, ensure the establishment of segregation of duties/roles and responsibilities, and effective IT controls are in place in regards to Oath security policies and standards.


Responsibilities

  • We are looking for a strong Technical Manager/Leader that is exceptionally imaginative, collaborative, and truly excited about Oath’s mission: “To simplify the Internet for consumers and creators by unleashing the world's best builders of culture and code.” ... with a security spin to keep anyone who would try and keep us from obtaining that mission at bay.
  • Your day:
  • Manage and lead a team of security leads and analysts to meet the needs in the above description
  • Provide technical leadership and insights to the team with hands-on involvement as needed
  • Develop and utilize a risk-based approach to identify and mitigate risks across all areas of responsibility
  • Manage risk by analyzing security threats and potential impacts to the business and help define solutions to mitigate exposure by leveraging expert analytical and technical skills
  • Develop and implement plans for effective execution of the risk management team’s responsibilities including risk management, policies and awareness training
  • Interface with different stakeholders inside and outside Oath to drive progress and make appropriate technical and process changes
  • See to the performance, recognition and professional development needs of the team
  • Ensure that Oath security requirements and activities are in compliance with applicable international and domestic laws, regulations, Data Transfer Agreements, etc. to minimize or eliminate risk and findings
  • Perform project management activities as they relate to the execution and delivery of the risk management team projects and deliverables
  • Generate and provide reports and metrics on all risk management activities
  • Minimum Qualifications:
  • In-depth knowledge in information security concepts, technologies and tools
  • Solid understanding of information security policies, standards and industry best practices
  • Deep expertise in risk management activities, including knowledge and application of industry risk management standards and best practices
  • Able to successfully plan, organize, motivate, and direct resources to get results
  • Strong leadership, interpersonal, and communication skills
  • Proven management skills and ability to work with infrastructure teams, development managers and information security teams to make sure that activities meet expected standards and are provided within the required schedule.
  • Strong analysis and analytics experience necessary, and strong ability to create influential presentations that are able to convey complex risks and issues to different audiences
  • Minimum Bachelor’s degree in Information systems or related field or an equivalent combination of education and experience
  • Subject matter expertise on a broad range of IT control and security industry standards and best practices, such as ISO 27001/2, CSF and NIST standards/frameworks
  • Minimum of 7+ years of hands-on technology risk, security and/or governance experience
  • Demonstrated ability to drive roadmaps, results, and key initiatives
  • Preferred Qualifications:
  • 3+ years of leadership experience
  • Experience in policy and controls creation, distribution, and maintenance at a similar organization
  • Experience with supply chain and compliance risk

Details

  • Travel No travel
  • Incentives Not provided
  • Clearance & Citizenship No requirements
  • Remote Work No remote work
  • Education Bachelors Degree
  • Salary Range Not provided

Join NinjaJobs!

Registered users get the benefit of full listing views, searches, posting options and more!

Company Ratings powered by

  • 3.3

    Overall Rating - OK


  • Culture and Values 3.6
  • Work/Life Balance 4.1
  • Senior Management 3.0
  • Comp and Benefits 3.6
  • Career Opportunities 3.0

NinjaJobs by the Numbers - Q2-17