JELLYVISION NEEDS AN AMAZING RISK MANAGER
We at Jellyvision are the proud parents of ALEX®, an interactive employee communications platform that makes tricky decisions—like choosing and using employee benefits—easier and more enjoyable. The success of ALEX has exceeded our wildest work-related dreams, which is why we need a talented Risk Manager to help keep us safe as we continue to grow.
SO WHAT’S THIS JOB ABOUT?
We’re looking for a Risk Manager to assist the Director of Information Security in supporting Jellyvision’s current and future compliance-related responsibilities (HIPAA, SOC2, PCI-DSS, customer audits, etc.). You’ll be tasked with monitoring and enforcing compliance within the policy and standards of the information security program.
You've got a solid background in HIPAA, PCI, or SOX compliance fundamentals and know how to perform an IT Risk Assessment against various parts of the enterprise. You care about assessing risk appetite, identifying & solving problems, and making sure they stay solved by performing audits & process reviews. Additionally, you can effectively communicate and teach other members of the organization the values of risk and compliance.
Ideally, you have conducted IT audits for large-scale enterprises before and have executed risk assessments using various frameworks.
Additionally, you’ll:
- Monitor and enforce compliance with information security program and compliance policies and standards
- Manage the third-party risk management program
- Document and manage security/compliance exceptions where necessary
- Assist with documenting and regularly reviewing security policies, processes and procedures
- Respond to customer requests and conduct relevant contract reviews
- Collect and analyze security metrics related to risk and compliance for presentation to senior management
- Assist with creating, publishing, presenting and maintaining security and compliance educational/training material
- Liaise with third party audit personnel as required
WHAT KIND OF TECHNICAL SKILLS SHOULD I HAVE? YOU KNOW, LANGUAGES AND SUCH…?
- 5+ years’ experience in a risk and compliance, IT auditor, or IT security role
- CISA certification preferred
- Familiarity with common compliance standards (HIPAA, SOC2, PCI-DSS, GDPR, etc.)
- Experience with IT audits and risk assessments
- Familiarity with security frameworks (NIST CSF preferred) and general security concepts
- Strong organizational skills and the ability to multitask and switch priorities with short notice
- Strong business analysis, research, and analytical skills
- Excellent communication skills
ANYTHING ELSE?
Yes! Our credo is a simple one: be helpful. And we think we can be most helpful if our workforce is as diverse in thought, perspective, and culture as the people who use our products. We are looking to add amazing folks to our team who will bring diversity across many lines, including race, ethnicity, religion, sexual orientation, age, marital status, disability, gender identity, sex, and country of origin.