Compliance Leader (Remote)
Location: Remote - US only
Job Type: Full time
**US Citizenship required.**
At Cisco Meraki, we know that technology can connect, empower, and drive us. Our mission is to simplify technology so our customers can focus on what's most meaningful to them: their students, patients, customers, and businesses. We’re making networking easier, faster, and intuitive with technology that simply works.
We are passionate about building real products that our customers love! We believe in encouraging a positive environment by hiring, mentoring, and empowering inquisitive, effective, low ego people and providing equal opportunities for all employees to thrive. With the support of management, we constantly look for ways to improve organizationally. We maintain a positive relationship with Cisco that gives us the stability and resources of a larger company without sacrificing our startup vibe —including an amazing office overlooking the Bay Bridge and stocked full of food and drinks. We are confident you will love it here!
We are seeking a top-tier Compliance leader who will oversee a team of dedicated compliance SMEs with the responsibility for commercial and public certifications as well as authorizations (e.g. PCI DSS, FedRAMP, SOC2). This multifaceted role requires a technical background and an organized, meticulous approach to reinforce program strategy to collaborators across the business. In this role, you will partner with Engineering, Security, Operations, Product Management, IT, and sister Cisco compliance teams implementing compliance requirements while driving executive alignment.
The Cloud Compliance leader will facilitate recurring internal and external audit activities to maintain relevant certifications. This leadership role requires an in-depth understanding of the evolving global regulatory landscape and designing / delivering services to obtain and maintain compliance with requirements.
What You Will Do:
- Establish operating standards and collaborate with internal partners for compliance program activities. Partner with Sales to convert market access needs into the Compliance roadmap.
- Maintain relationships with multiple stakeholders, ensuring strategic alignment and driving commitments. Lead technology discoveries / automation and optimize opportunities for improving service offerings. Effectively communicate with management on decisions that impact multiple teams.
- Leverage reciprocity between frameworks to increase compliance solution applicability across teams.
- Assist with metrics, define the Operational Excellence, and establish quarterly OKRs.
- Drive ongoing compliance programs for Meraki’s federal regulations like FedRAMP and CMMC as well as global compliance certifications like PCI, SOC2, and ISO in partnership with Cisco's Global Cloud Compliance team (GCC).
- Participate in the negotiation of contract and contract changes, coordinate the preparation of proposals, business plans, SOWs, operating budgets, and financial terms/conditions of contract.
- Provide support to the compliance audit and assessment efforts to include external third-party auditors, customer auditors, and internal audit functions.
Who you are:
- 5-10 years experience supporting FedRAMP, NIST, ISO, PCI-DSS, SOC2 or similar governance and compliance frameworks
- Bachelor’s Degree or equivalent experience with desired certifications such as PMP, CAP, CISSP, CCSK, and CCSP
- Strong understanding of common compliance for a fast-growing and fast-paced security and compliance product company
- Organized and analytical, able to identify efficiencies and eliminate obstacles through creative and adaptive approaches.
- Previous management of complex projects which are often cross-functional while demonstrating exceptional business judgment and building relationships at all levels of the company.
Skills You Have:
- Provides immediate impacts to assigned projects, is prepared and able to step in and actively project manage top level initiatives where needed. Identifies risks to program execution (cross functionally across projects) and effectively manages those risks and dependencies.
- Technical and program management skills to plan, track, collaborate and report on compliance program deliverables, including scheduling and leading meetings, assigning and tracking action items, and developing status reports to executive leadership teams.
- Ensuring all teams are interacting and setting appropriate deadlines and goals while balancing conflicting priorities and resource constraints. Demonstrated expertise in building a compliance / audit program supporting a global enterprise entrusted with hosting customer data. Experience leading a team with commercial and public sector compliance activities, including PCI DSS and FedRAMP Moderate.
- In-depth knowledge of control requirements, including NIST SP 800-53 and 53A, Rev 4 & 5 to support ongoing risk management processes throughout the risk management lifecycle.
- Experience leading teams in a fast-paced environment with exemplary people leading and mentoring skills to ensure team success.
- Execution, maintenance, and ongoing improvement of all information security assessment for third parties and IT vendors. This includes the security assessment process, conducting third-party information security assessments and ongoing third-party assurance activities.
At Cisco Meraki, we’re challenging the status quo with the power of diversity, inclusion, and collaboration. When we connect different perspectives, we can imagine new possibilities, inspire innovation, and release the full potential of our people. We’re building an employee experience that includes appreciation, belonging, growth, and purpose for everyone.
Cisco is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status, or any other legally protected basis. Cisco will consider for employment, on a case by case basis, qualified applicants with arrest and conviction records.
Cisco Covid-19 Vaccination Policy
The health and safety of Cisco's employees, customers, and partners is a top priority. Our goal is to protect and mitigate the spread of COVID-19 infection for strong business resiliency during the pandemic. Therefore, Cisco may require new hires to be fully vaccinated against COVID-19 if the role requires business-related travel, meeting with customers/partners (including visiting third-party sites on behalf of Cisco), attending trade events, and Cisco office entry, unless otherwise prohibited by applicable law, and in countries where COVID-19 vaccination is legally required. The company will consider legally required accommodations/exceptions for medical, religious, and other reasons as per the requirements of the role and in accordance with applicable law. Additional information will be provided to candidates about the requirements and accommodation process at the offer time based on region.