Search

Policy Compliance Program Manager

companyNetApp, Inc.
locationNorth Carolina, USA
PublishedPublished: Published 2 weeks ago
Compliance Management Systems / Technology
Job Summary

Global Security Policy Program Manager

The Policy Compliance Program Manager manages cyber security policy communication, development, and maintenance for the Global Security Organization. The program manager will be responsible for coordinating reviews, approvals, and timelines to ensure that policy is kept up to date and relevant to the current security environment. Drafts and coordinates approval for controls, standards, and policies to meet industry level expectations. Manages documentation to ensure compliance with business, regulatory, and customer requirements. Coordinates how policies are displayed, approved, and used within the organization. Creates marketing materials to educate and communicate policy topics to relevant organizations.

Job Requirements

  • Draft and manage policy documents for senior management review and approval
  • Communicate directly with vice president and senior vice presidents to review and approve policy
  • Plan, direct, manage and report metrics and key information to senior management on the status of the policy development program
  • Plan and manage processes to develop, maintain, and manage policies and controls to ensure on time approvals and support to internal and external audits.
  • Operate with minimal guidance, develop plans, and execute policy development in a dynamic environment
  • Manage audit requests related to policies and ensure that company meets requirements
Minimum and Preferred Qualifications

Minimum Qualifications:
  • Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred; equivalent combination of education and experience may be substituted in lieu of degree
  • At least two (2) years of GRC (governance, risk, compliance) experience with methodologies, activities, tools, and enablers in a technology related industry and five (5) - seven (7) years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required
  • Ability to demonstrate a strong understanding of various compliance and regulatory areas (e. g. GDPR, NIST 800-53, DFARS/NIST 800-171, ISO27001)
  • Demonstrate the ability to develop and/or coordinate creating security standards and guidelines based on best practices and industry standards
  • Excellent written, and verbal communication skills
  • Strong analytical and problem-solving skills
  • Familiarity with security auditing processes
Preferred Qualifications
  • Information security related training or certifications such as CISSP or CRISC
  • Experience with GRC tools (i.e. Archer, ServiceNow, AuditBoard)
  • Technology writing experience
Compensation:
The target salary range for this position is 155,520 - 218,570 USD. The salary offered will be determined by the candidate's location, qualifications, experience, and education and may be outside of this range. Final compensation packages are competitive and in line with industry standards, reflecting a variety of factors, and include a comprehensive benefits package. This may cover Health Insurance, Life Insurance, Retirement or Pension Plans, Paid Time Off (PTO), various Leave options, Performance-Based Incentives, employee stock purchase plan, and/or restricted stocks (RSU's), with all offerings subject to regional variations and governed by local laws, regulations, and company policies. Benefits may vary by country and region, and further details will be provided as part of the recruitment process.