Senior Manager, IT Security Compliance

Okta

Location: United States

Job Type: Full time

We are a security company, and Okta’s Customer Identity Product Unit (CIPU) Security & Compliance team is in the privileged position of supporting a security-first culture for a company that wants to make the internet safer.

As the Sr. Manager, Information Security Governance Risk and Compliance Manager, you will be responsible for managing internal and external audits, managing a vendor due diligence program, managing a security risk management program, and developing and maintaining security policies and control procedures within CIPU.

Responsibilities

  • Lead and maintain all certification efforts (including SOC 2, ISO, CIS Standards, HIPAA, and GDPR) and future efforts in FedRAMP, HITRUST, and ISMAP.
  • Work with Legal and Data Privacy to ensure that CIPU meets data privacy and security requirements.
  • Conduct internal security audits, risk assessments, and business impact assessments.
  • Work with business leaders to ensure information security risk findings are reviewed and solutions are implemented.
  • Be responsible for the development and maintenance of security policies, procedures, and guidelines.
  • Assess the security qualifications of current and potential vendors.
  • Scale out our Third Party Risk and Security Management program, including managing our Vendor Risk Management tool, collecting and reviewing data, performing triage, and regularly reviewing vendors.
  • Respond to tracking and reporting from internal and external audit findings within the CIPU.
  • Drive the Business Continuity (BC) planning process to the appropriate level across the CIPU and ensure BC plans are updated and reviewed annually.
  • Support self-certification and self-monitoring for IT controls, and maintain an active liaising channel with the CIPU function.
  • Drive engagement, comms, and adoption for all risk and compliance tasks to ensure the rationale for the task is understood, the mandate is embedded, and colleagues and partners are trained and can perform effectively and efficiently.
  • Ensure that CIPU remains compliant with national legislative, regulatory, contractual, and security governance obligations.
  • Be responsible for managing a team of security and compliance analysts to support business functions in EMEA, AMER & APAC regions.

Requirements

  • Security and compliance subject-matter expert with in-depth knowledge of security governance in cloud services IT technologies
  • Comprehensive knowledge of information security risk standards, frameworks and best practices (e.g., ISO27K1, NIST, CIS, SOC 1-2, Cyber Essentials, GDPR)
  • Degree or equivalent (e.g., BSc, BEng, MSc) desirable but not essential
  • Certifications in security (e.g., CISA, CRISC, CISSP, CISM) desirable but not essential
  • Good understanding of managing internal and external audits (e.g., SOC 2, PCI) and assurance activities, including testing the design and operational effectiveness of security controls
  • Ability to provide leadership on complex and unfamiliar situations, often involving risk and emotion
  • Expert communicator with a track record of operating, partnering with and influencing up to and including exec-level stakeholders
  • Ability to operate and lead in a fast-paced organizational transformation and able to navigate and champion change across organizational/geographical complexity
  • A genuine desire to lead, develop, coach and mentor direct reports/team members

Other Competencies:

  • Project Management: Plan and manage several projects to meet compliance and security requirements. Effectively communicate with other teams at Okta during the entire project cycle.
  • Understanding of security functions including Incident Management, Change Management, Identity and Access Management, and Vendor Security Risk Management.

Okta’s Top 5 Core Leadership Competencies are part of the deeply ingrained principles that guide all of our company’s actions. They also align strongly to our cultural cornerstones, our Okta values: love our customers, empower our people, never stop innovating, act with integrity, and maintain transparency. It’s our expectation that our managers and leaders embody these core competencies:

  • Builds Effective Teams: Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.
  • Demonstrates Self-Awareness (EQ): Using a combination of feedback and reflection to gain productive insight into personal strengths and weaknesses.
  • Develops Talent: Developing people to meet both their career goals and the organization’s goals.
  • Drives Results: Consistently achieving results, even under tough circumstances.
  • Strategic Mindset: Seeing ahead to future possibilities and translating them into breakthrough strategies.

(Colorado, New York and Washington only*) Minimum OTE of $154,000/year + equity + benefits

Okta is an Equal Opportunity Employer.

Okta is rethinking the traditional work environment, providing our employees with the flexibility to be their most creative and successful versions of themselves, no matter where they are located. We enable a flexible approach to work, meaning for roles where it makes sense, you can work from the office, or from home, regardless of where you live. Okta invests in the best technologies and provides flexible benefits and collaborative work environments/experiences, empowering employees to work productively in a setting that best and uniquely suits their needs. Find your place at Okta https://www.okta.com/company/careers/.

By submitting an application, you agree to the retention of your personal data for consideration for a future position at Okta. More details about Okta’s privacy practices can be found at: https://www.okta.com/privacy-policy.

Okta is an Equal Opportunity Employer/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, marital status, age, physical or mental disability, or status as a protected veteran. We also consider for employment qualified applicants with arrest and conviction records, consistent with applicable laws. If reasonable accommodation is needed to participate in the job application or interview process, please use this Form to request an accommodation.

Okta offers everything you need to support your work, your life, and your work-life balance. Click here to learn more: https://rewards.okta.com/us

Okta is committed to complying with applicable data privacy and security laws and regulations. For more information, please see our Privacy Policy at https://www.okta.com/privacy-policy/.

You’ve got this!