Key Responsibilities
Create and maintain the strategic plan and roadmap for Sama governance, risk management, and compliance for information security.
Monitor continuous improvement of policies, procedures, and technology (including automation) related to security and compliance to enable risk reduction, business enablement and operational efficiencies
Independently assess compliance, security, privacy, legal and business risks and advise the management team accordingly
Manage internal and external security audits in collaboration with cross-functional teams
Lead BCP and Incident Response initiatives
Identify and classify Sama’s Information assets with respect to their sensitivity and criticality to the business across all functions and departments
Interact with the Sales Team for contract review and completion of customer security questionnaires and audits with a high level of customer service and responsiveness
Establish trusted relationships with business stakeholders across a geographically distributed team to foster continuous improvement and change management in compliance practices
In collaboration with Product/R&D, establish standards and workflows that ensure our product development teams are building and maintaining secure, compliant software systems
Led development of security and compliance KPIs and metrics to track program effectiveness
Maintain and mature comprehensive security awareness and training programs
Interact with industry experts and stay abreast of best practices in the security and compliance space to maintain technical expertise and apply these practices to Sama business challenges
Willingness to participate in global conference calls and meetings outside of normal business hours to facilitate global business
Minimum Qualifications
Bachelor’s degree in a related field
8+ years of related experience; 2-3 years of leading/managing teams
Prior experience establishing and maintaining InfoSec programs, compliance and other programs for regulations or certifications such as ISO, GDPR, SOC2, TISAX etc.
Global Privacy experience and knowledge is an added advantage (EU, US, APAC ideally)
One or more industry certificates e.g. CISSP, CISA, CISM, CRISC, CIPP, PMP, PRINCE2
Strong project management skills with the ability to manage and coordinate multiple projects and prioritize work in a fast-paced atmosphere with minimal supervision
Preferred Qualifications
Experience implementing and maturing security programs in a fast-paced start-up/emerging growth environment
Prior experience with B2B SaaS products, enterprise application
Capable of thinking independently and creatively to analyze situations and potential repercussions and communicate and execute the necessary steps to solve problems
A self-starter with the ability to work independently and as part of a team displays a cooperative work style
Ability to interact effectively with employees at all levels of the organization
Excellent communication skills (verbal, written and interpersonal) with the ability to present clear, well-thought-out recommendations
Attention to detail and accuracy
Ability to discreetly handle highly confidential and proprietary information
Ability to deal with ambiguity effectively
Apply via :
boards.greenhouse.io
