Secure Compliance Program Manager 8/27/2016
We believe work is not a place, but rather a thing you do. Our technology revolves around this core philosophy. We are relentlessly committed to helping people work and play from anywhere, on any device. Innovation, creativity and a passion for ever-improving performance drive our company and our people forward. We empower the original mobile device: YOU!
R4825 Secure Compliance Program Manager (Open)
Job Posting Title:
Secure Compliance Program Manager
The Secure Compliance Program Manager will join a team responsible for supporting the Citrix company-wide information security compliance programs. The Secure Compliance Program Manager serves as a trusted advisor to senior business leaders on overall strategy for product compliance and certification, and works closely with product teams to prioritize and implement technical and organizational security measures.
Primary Duties / Responsibilities
- Work with product management, marketing, engineering, and data security personnel during product development to ensure that Citrix’s cloud-based products and services meet US Federal Government (FedRAMP), AICPA Trust Services Principles (SOC 2), PCI-DSS, HIPAA/HITECH, and other security standards.
- Design effective and efficient information technology and security processes, procedures and controls that supplement divisional and corporate standards for customer and employee security & privacy
- Lead and perform periodic reviews to ensure compliance with security policy, legal requirements, and industry accepted information technology standards
- Manage and track contractual, regulatory and industry standard based compliance requirements
- Measure and report performance and risk related metrics to develop, manage, measure and maintain compliance and quality processes
- Collaborate with product managers and software engineering groups to improve and measure the effectiveness of the secure software development lifecycle
- Serve as escalation point for customer requests for non-standard security and compliance information; meet with potential and current customers as requested
- Participate in security and privacy incident management and response, as necessary
- Lead third party and vendor risk assessment process
- Prepare evidence and collaborate with internal and external auditors and consultants to facilitate audit and consulting engagements
Qualifications (knowledge, skills, abilities)
- Advanced understanding of information security standards, compliance frameworks and leading practices
- Deep understanding of one or more of the following domains: network security, web application development, database administration & development, system administration
- Demonstrated experience with delving into, understanding and solving for customer needs and problems
- Demonstrated project and team leadership experience
- Experience guiding and motivating cross-functional teams and driving change without formal authority
- Exceptional verbal and written communication skills, including the ability to effectively present to large audiences at all levels in the organization
- SOC 2 AICPA Trust Service Principles, FedRAMP, PCI or SOX audit and/or implementation experience
- Deep understanding of Cloud Infrastructure-as-a-Service (IaaS) and Software-as-a-Service (SaaS) terminology and concepts
- Graduate degree in information systems, business administration, or related field (preferred)
- Familiarity with EU Data Protection Directives (preferred)
Requirements (Education, Certification, Training, and Experience)
- Bachelor’s degree in information systems or related field, or equivalent, related experience
- CISA, CISM, CRISC, CISSP, GSNA, GCCC, or GSEC designation(s)
- Strong problem solving, analytical, organizational, and project management skills
- Outstanding oral and written communication skills
- Self-motivation and the ability to work under minimal supervision
- Willingness to pursue training and certification
- Demonstrated experience working in the technology sector, preferably in a SaaS environment
Project Mgmt (Information Systems)
Citrix is a cloud company that enables mobile workstyles. We create a continuum between work and life by allowing people to work whenever, wherever, and however they choose. Flexibility and collaboration are what we’re all about. The Perks: We offer competitive compensation and a comprehensive benefits package. You’ll enjoy our workstyle within an incredible culture. We’ll give you all the tools you need to succeed so you can grow and develop with us.
Citrix Systems, Inc. is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination on the basis of age, race, color, gender, sexual orientation, gender identity, national origin, religion, disability, protected veteran status and other protected classifications.