Security Compliance Program Manager
ActiveCampaign is the marketing automation leader for small and mid-sized businesses (SMBs) around the globe. Through a sophisticated yet easy-to-use platform and tools, we allow our customers to make meaningful connections with their customers. Often, we are the center of our customers' marketing strategies and critical to their success and future.
As the fastest-growing SaaS company in Chicago, we are scaling rapidly to keep up with market demand. We are growing all of our teams and looking for people who share our values, deliver innovation frequently and join us in our mission to grow our customer base from 70,000 today to millions.
We are growing and we are growing fast. Because of this amazing growth, we are now seeking a Security Compliance Program Manager who will take over and manage many of our internal Security and Compliance program management requirements. This will be a new role that will allow the right person to have an immediate impact on the organization and will also afford the opportunity to collaborate with multiple internal and external departments on a variety of IT-related projects.
What Your Day Could Consist Of:
- Development of strategic roadmaps for SOC2 compliance including areas of Risk Management, Information Security, Data Governance, Business Continuity, and Disaster Recovery
- Determine the project approach, resource requirements, team roles and responsibilities, and schedule
- Develop and review estimates and assumptions for project schedule, effort, and cost using established estimating models, best practices, and past experience
- Create and manage project, risk mitigation, and communication plans
- Create project charter and scope statements, weekly status reports, risk and issues log and other project deliverables
- Execute day-to-day activities required for the development and tracking of SOC2 and Information Security initiatives, including the communication and management of policies, controls, and practices
- Provide project management and program leadership, including process improvement, business process and data analysis, process documentation and support for project life cycle for supporting programs and tools
- Coordinate and project manage organization-wide risk assessments and control self-assessments
- Provide guidance on project risk assessment for major cross-functional projects
- Coordinate activities as part of SOC2, PCI-DSS, ISO27001, HIPAA, GDPR compliance programs
- Issues and remediation tracking for compliance with the above frameworks
- Assist in rolling out third-party security standards and risk assessment methodologies around suppliers, vendors, service providers, and members
- Coordinate conformance with Information Security policies
What We're Looking For:
- Project management experience centered around Information Security and Governance, Risk, and Compliance
- Experience working as part of large-scale Information Security, Development, or Corporate IT programs with mission-critical projects
- Understanding of one or more of the following information security and risk management areas: security log collection, database activity monitoring, network access control, identity & access management, data loss prevention, security controls (third party access), network monitoring, SOC2, HIPAA, and GDPR Compliance
- Strong demonstration of negotiation and conflict management skills
- Strong visual presentation skills
- Strong public speaking skills
- Excellent leadership and organization skills in an aggressive timeframe
- Ability to be a systems thinker, attention to quality, and relationship and team building
- Ability to interact effectively with staff, project managers, and functional managers
- Strong and articulate verbal and written communication skills
- Ability to interface with senior leadership and give senior level presentations
ActiveCampaign is an employee-first culture. We take care of our employees at work and outside of work. We'll share all the details later on but in summary: comprehensive health and welfare benefits including no premiums for employees, open time off plan, generous 401(k) matching with no vesting, lunch and endless snacks/beverages, reimbursed commuting, education budgets, ongoing learning and development, a proactive approach to diversity and inclusion, career pathing and lots of swag.