Security Risk & Compliance Assurance Program Manager 9/8/2016

Nuance Seattle, WA

Company
Nuance
Job Classification
Full Time
Company Ref #
1-23259
AJE Ref #
576116408
Location
Seattle, WA
Experience
Mid-Career (2 - 15 years)
Job Type
Regular

JOB DESCRIPTION

APPLY
COMPANY OVERVIEW:

At Nuance, we empower people with the ability to seamlessly interact with their connected devices and the digital world around them. We are creating a world where technology thinks and acts the way people do by designing the most human, natural, and intuitive ways of interacting with technology.

Our nimble technology uses analytics and advanced algorithms to transform the inanimate into animate and reduce complicated processes into simple ones.

Join our Enterprise team great customer service starts here. We design virtual assistants for intelligent and effortless customer service helping customers find the information they need using whatever channel they prefer.

JOB SUMMARY:

Responsibilities:

The Security Risk & Compliance Assurance Program Manager is responsible for supporting the development, enforcement, and maintenance of security and privacy programs for the Nuance Enterprise Cloud Products. This includes ownership of policy development, incident response and reporting, leading the vulnerability management program, and overall Enterprise Cloud compliance efforts.

* Proactively protect the availability, integrity, confidentiality, and privacy of all customer and business data.

* Work closely with customers and vendors to ensure operational and reporting needs are met. Lead security audits, respond to inbound security questionnaires and facilitate customer-driven and 3rd party security assessments.

* Participate in the broader Information Security governance process with Nuance Corporate and Divisional Security leaders.

* Lead efforts in industry standards and regulatory compliance with ISO 27001/27002, Cloud Security Alliance, GLBA, Sox, PCI DSS, HIPAA/HITECH, Medicare Part D, etc.

* Oversee incident response planning/protocol. Investigate security breaches and assist with the resulting actions taken, including customer notification and interface.

* Review risks, threats, vulnerabilities and the development of remediation plans in partnership with Legal, IT, Operations and other relevant groups.

* Lead the Enterprise Cloud Vulnerability Management team

* Participate in business continuity and disaster recovery planning.

* Participate in change control processes and reviews.

* Communication of the company s security stance, including compliance issues, risks, and incidents to upper management and customers.

* Consults on other types of security (e.g., security architecture, secure development lifecycle, physical security issues) as needed.

Qualifications:

Number of Years of Work Experience:

* At least 7-10 years of related experience in Program Management, Information Security and/or IT Project Management

Skills:

* Must be knowledgeable about ISO/IEC standards and PCI requirements, prior work experience in a PCI-compliant environment strongly preferred

* Must be knowledgeable of PCI-DSS, HIPAA/HITECH, Med D program and other regulatory compliance requirements and have experience working in these environments

* CISSP or CISM preferred, additional GIAC certifications a plus

* Prior policy development and enforcement experience in a regulated environment

* Prior experience with business continuity planning, auditing and risk management, as well as contract and vendor negotiations

* Experience with software development/QA life cycle (SDL), Cloud/SaaS experience preferred

* Knowledge of complex application, network, virtual environment security, and systems operations

* Ability to relate business requirements and risks to policy and technology implementation

* Knowledge of risk assessment and remediation procedures

* Proven ability to manage projects and implementations across organizations

* Strong collaborative approach and ability to effectively interface with technical staff, senior management and customers

* Strong organizational skills, ability to manage through ambiguity and be confident and effective in high-pace/high-demand environments.

Education: A degree in a related field (CS, MIS, IT) or demonstration of relevant experience and professional maturity.

ADDITIONAL INFORMATION:

Nuance offers a compelling and rewarding work environment. We offer market competitive salaries, bonus, equity, benefits, meaningful growth and development opportunities and a casual yet technically challenging work environment. Join our dynamic, entrepreneurial team and become part of our continuing success.

Nuance Communication Inc. is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, gender identity, sexual orientation and other legally protected characteristics. The EEO is the Law poster is available here. If you need a reasonable accommodation because of a disability for any part of the employment process, please call 781-565-5000 Human Resources Department and let us know the nature of your request and your contact information.