IT Compliance ManagerReq-13078 8/11/2016
San Mateo, CA
JOB DESCRIPTIONAPPLY INFORMATION TECHNOLOGY:
IT COMPLIANCE MANAGER
SAN MATEO, CA
To start, you ll be surrounded by smart, innovative, caring people invested in our customers and the community. If you re looking to share your unique perspective and ideas at a collaborative table and help equip all kinds of businesses achieve their visions, check us out.
At NetSuite, we consider privacy as a priority for both our customers and our employees. We are dedicated to building a sound privacy program, and we are looking for strong, motivated, and qualified individuals to help us achieve this. As a privacy manager, you will report to the SR Manager of IT Compliance in lead and/or support of all ongoing activities related to the development, implementation, maintenance of; and adherence to NetSuite s policies and procedures covering the privacy of; and access to, personal, patient health, and similarly sensitive information in compliance with federal and state laws and our agreements with our customers, partners and vendors. The position will have a heavy emphasis on state, federal and international data privacy compliance (ePHI, PII, cookie laws, etc.) in areas such as HIPAA, EU Safe Harbor, EU Standard Contractual Clauses, mobile apps, ecommerce and internal training. The candidate will conduct research on existing and emerging compliance requirements, report on gaps between requirements and existing practices, and make recommendations to management on the relative difficulty and timing of pursuing new compliance programs and certifications. Additionally, the candidate will be responsible for evaluating third-party partnerships, integrations and acquisitions against our existing and planned compliance requirements, and will make recommendations based upon NetSuite s requirements and industry best practices. The position requires extensive experience in IT compliance, audit, project management, and software development lifecycle (SDLC) best practices in a SaaS/Cloud environment.
* Provide development guidance and lead the identification, implementation, and maintenance of information policies and procedures in coordination with appropriate organization management and administration.
* Ability to coordinate, communicate, and work effectively with prospects, customers, vendors, internal process owners, internal and external auditors, and all levels of management
* Hands on experience in process testing and walkthroughs
* A demonstrated ability to partner with department leaders to enhance processes and compliance activities through the use of process standardization and technology
* Demonstrated ability to absorb and analyze new technologies and business processes
* Strong knowledge with enterprise applications used to support specific business functions
* Experience with ePHI, PII and other data privacy and related security regulatory and compliance requirements required.
* Assess end to end risks and controls with evaluation of existing processes
* Be an effective liaison with US and international financial management, operational, application, and legal teams and Internal and External Audit to identify areas of concern, develop the relevant solutions, provide management response, track progress and drive actions to completion
* Maintain controls documentation with SME s and ensure compliance with Legal and Internal and External Audit
* Enforce compliance with privacy policies in conjunction with internal audit, developing, managing and monitoring security and privacy processes
* Drive the execution and successful completion of data privacy projects, within schedules and budgets
* Perform periodic audits of IT projects, applications, operations and environments for adherence to corporate privacy policies and guidelines
* Assist in advising the organization with current information on related regulatory issues and compliance technologies
* Direct the efforts and work products of IT Compliance staff in a matrixed, project-based, environment
7-10 years of experience in privacy compliance, focused on information security, risk, privacy, and controls, of which at least 3 years is in a project or program management position.
* Ability to quickly understand and apply new standards/requirements to the SaaS environment
* Excellent interpersonal skills working in a team environment
* Excellent written and verbal communication skills and ability to work effectively and efficiently with all levels of management
* Must have strong problem solving and troubleshooting skills
* Self-motivated and capable of working independently
* Organized and reliable, able to efficiently manage multiple tasks
* Great attitude and work ethic
* Willingness to work off-hours, as required
Travel: Up to 15%