Sr. Manager – Governance Risk And Compliance

Saviynt’s Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The company brings together identity governance (IGA), granular application access, cloud security, and privileged access (PAM) to secure the entire business ecosystem and provide a frictionless user experience. The world’s largest brands trust Saviynt to accelerate digital transformation, empower distributed workforces, and meet continuous compliance.

The Sr. Manager, Governance Risk and Compliance, reports into the Information Security team, and will lead various Governance Risk and Compliance efforts.

The candidate will possess the ability to execute, scale, and continuously evolve the

Governance function to maximize the impact and oversight across the organization. The candidate must be comfortable managing projects in an Agile environment.

They should be familiar with policy and compliance requirements, including policy

documentation and system requirements to successfully respond to potential audits.

WHAT YOU WILL BE DOING

• Serve as the Governance POC both internally and externally. Identify governance or compliance requirements, assess risks, review required forms, and serve as liaison across cross functional teams to help achieve Info Sec objectives.
• Support the business with customer engagements, including attending customer calls and supporting sales teams
• Maintain compliance calendar and be accountable for the execution of various compliance assessments throughout the year, including but not limited to ISO 27001, FedRamp, PCI-DSSS, SOC 1, SOC 2.
• Respond to requests from customers for information on our security measures
• Review security clauses in customer and vendor contracts
• Conduct risk assessments, compile risk registers, and track risk remediation plans
• Establish and lead risk management activities, including identification of risk and recommended mitigations; track and manage risks and issues from identification through closure.
• Execute on GRC initiatives as defined within the security roadmap, while working with the broader Information Security team and technology teams
• Collaborate with key stakeholders to ensure successful execution of mission and business needs
• Establish, review, and enhance security training and awareness programs
• Have a working knowledge of the NIST CSF and RMF frameworks
• Establish and maintain appropriate metrics that will help measure the GRC posture of the company
• Develop and update Policies, Standards and Procedures per the organization’s policy framework
• Support customer requests as they pertain to Compliance queries and to other Information Security questions, with the support of technical Info Sec members
• Completing vendor security reviews. Optimize and automate security questionnaire process.

WHAT YOU BRING

• Experience developing executive level presentations to support Governance and broader Information Security updates to appropriate audiences
• Experience assessing project and technical documentation to ensure compliance with established policies, processes, and procedures.
• Strong stakeholder and relationship management skills
• Ability to provide excellent written and oral communications by email, presentations, and mobile communication platforms (including: experience facilitating discussions, briefing senior managers, and conducting project meetings).
• Bachelor's degree with a minimum of 8 years of experience
• Experience supervising or managing an Agile project team.
• Flexible and collaborative approach to enabling and supporting the business
• Experience with continuous monitoring and Plans of Actions and Milestones (POA&Ms) is a plus
• Experience managing Agile projects with a focus on duties related to Product Owner
• Knowledge of U.S. Federal Government security compliance, risk management processes and requirements, including NIST RMF and NIST 800-53 Rev 5 controls
• Knowledge of local legal and regulatory security requirements including HIPAA, FedRAMP, and GDPR/privacy
• Requires sufficient technical background to be able to interpret audit and compliance requirements, and be able to support basic evidence gathering needs in support of audits
• Work on multiple projects and tasks concurrently
• Experience defining project scope and objectives, developing detailed work products (schedules, status reports, etc.), conducting project meetings, and owning responsibility for project tracking and analysis.

Benefits

• Sick pay
• Unlimited Vacation
• Team Socials
• 401K
• Medical, Dental, Vision, and Life Insurance
• Flexible work arrangements
• Daily catered lunches and healthy snacks at offices

We offer you a competitive total rewards package, learning and tremendous opportunities to grow and advance in your career. The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Saviynt, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $190,000 - $215,000 annually.

You may also be eligible to participate in a Saviynt discretionary bonus plan, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Saviynt is an amazing place to work. We are a high-growth, cloud software company with phenomenal people, that is building the most innovative identity platform in the world. Your time at Saviynt will be worthwhile. You will experience tremendous growth and learning while being part of something you are helping to define and build from the ground up. Through challenging yet rewarding work, you will be able to directly impact our clients, all within a welcoming and positive work environment. If you're resilient and enjoy working in a dynamic high-growth environment you belong with us!