Administers compliance activities per corporate policies and procedures, including systems for addressing alleged violations of the sales program. Drives strategic and tactical initiatives aimed at increased levels of compliance for specific initiatives. Manages existing and potential fraudulent situations for the organization. Works closely with internal audit and other functional departments on training and improvement plans by monitoring programs. Builds new reporting to detect non-compliance in accordance with established M&Ps. Completes in-depth analysis of compliance results. Establishes and implements policies and procedures designed to identify and deter fraud. Reviews and researches new technologies and/or systems for various types of fraud. Responsible for ensuring effective remediation of non-compliant situations through the re-design of processes and testing of their effectiveness. Manages the activities of individual contributors with accountability for goals, objectives, and operational policies. May participate in the development of functional strategy.
The Cyber Security IT Compliance and Risk Management team is the audit and governance arm for Sprint's compliance efforts. We support Sprint's Federal and State Do Not Contact (DNC) regulatory requirements and the Payment Card Industry Data Security Standard (PCI DSS). Within Sprint's Information Technology lane, we manage Sarbanes-Oxley compliance and remediation activities for all IT-related Security Risk Assessments (SRA), Corporate Audit Services (CAS) findings and National Security Agreement (NSA) responsibilities. With our new alignment to the Cyber Security organization, we are expanding the depth and breadth of support for PCI, HIPAA, CPNI, and Privacy to include areas such as API governance, Software Development Lifecycle security governance, risk management, vulnerability management, access control governance, New York DFS and California Privacy law.
This specific manager position will lead the PCI & SDLC governance team and will be responsible for Sprint's PCI compliance, annual audit, control development and all related communication and training. He/She will support and manage security functions and processes related to Sprint's Software Development Lifecycle, including compliance and governance of all static, dynamic, integrated and mobile security testing, software composition analysis and threat modeling, as well as process development, tools standardization and management, and all related role-specific training.
The ideal candidate will also be a skilled communicator with executive presentation experience, along with the ability to manage morale and work to provide a fun and engaging work environment.
• Bachelor's degree and eight years' related work experience, or twelve years' related work experience post high school
• Five years' experience in compliance audits or relevant field operations experience
• Five years' experience developing compliance policies or relevant field operations experience
• Three years' leadership, supervisory or management experience