Information Security Compliance Management

8 - 10 years experience

Salary depends on experience
Posted on 05/22/18
San Diego, CA

Teradata empowers companies to achieve high-impact business outcomes through analytics. With a powerful combination of industry expertise and leading hybrid cloud technologies for data warehousing and big data analytics, Teradata unleashes the potential of great companies. Partnering with top companies around the world, Teradata helps improve customer experience, mitigate risk, drive product innovation, achieve operational excellence, transform finance, and optimize assets. Teradata is recognized by media and industry analysts as a future-focused company for its technological excellence, sustainability, ethics, and business value.

The Teradata culture isn’t just about one kind of person. So many individuals make up who we are, making us that much more unique. It’s what sets apart the dynamic, diverse and collaborative environment that is Teradata. But even as individuals, there’s one thing that we all share: our united goal of making Teradata and our people the best we can be.

Description

If you want to be a key part of establishing and growing a large, global cloud consulting organization, then this opportunity may be for you. Teradata Corporation is a leader in delivering high-power analytics to companies, driving improved results and transformational capabilities. Our corporate security team is at the heart of ensuring we deliver our analytics solutions to our customers’ analytic ecosystems wherever they deploy our technology (on premises, managed cloud or public cloud). We are actively driving toward next-generation service capabilities, building on our already best-in-class services and consultants. We are helping customers determine how to maximize the opportunities enabled by cloud and how to successfully navigate towards the cloud mandates that many of our large, global customers have in place.

The member of the Information Security Third-Party Risk Management team will leverage broad technical knowledge of the security controls implemented at Teradata and provide requirements for compliance with security and privacy regulations. This is a global role with responsibility for responding to compliance requirements and customer security audits worldwide.

The ideal candidate will have experience and a proven track record of analyzing the requirements for security and privacy assessments and preparing responses to client audits. Strong interpersonal skills are required to meet with clients and support onsite audits of Teradata controls. This position will be primarily responsible for designing, implementing, and maintaining our security compliance program, working closely with the business units to advise on risk, consult on compliance requirements, build security awareness, enforce policies, respond to customer security questions, perform audits of Teradata suppliers, and manage third-party due diligence. This position will operate our third-party risk assessment process, and track and report on gaps to closure and final resolution.

Key Areas of Responsibility 

Direct hands-on expertise in the following areas of information security:

Third-Party Risk Management

  • Identify security and privacy regulatory requirements
  • Perform risk analysis of Teradata suppliers
  • Perform and/or support due-diligence of Teradata suppliers
  • Develop and maintain a third-party risk registry
  • Track third-party compliance with Teradata’s security requirements
  • Ensure committed remediation tasks are complete

Teradata Customer Audit

  • Understand Teradata’s security controls
  • Respond to customer/prospect security requests (security documentation, independent penetration tests, etc.)
  • Provide evidence of Teradata’s controls
  • Negotiate remediation as required
  • Track findings and work with teams to remediate risks

Security Compliance Management

  • Understand requirements of security and privacy regulations
  • Monitor new regulations and advise on business impact
  • Develop and maintain metrics on compliance for third-parties and customers
  • Coordinate with various internal/external stakeholders for pertinent compliance initiatives (SOX, ISO 27001, SOC 2 Type 2, GDPR)

Qualifications

  • Bachelor’s Degree required; technical certs desirable
  • 7 – 10 years’ experience with internal security and compliance
  • Experience achieving ISO 27001, SOC 2 Type 2 compliance
  • Penetration testing experience
  • Drafting/enforcing internal security policies
  • Experience in IT audit, information security, or compliance
  • Comprehensive knowledge of various risk and security frameworks
  • Comprehensive knowledge of SOC 2, ISO 27001, HIPAA, SOX, GDPR and global data protection and privacy laws
  • A strong technical understanding of cloud security challenges and controls
  • A good understanding of technologies and controls including hosts, databases, networking, and applications
  • Experience performing audits, risk assessments, and reviewing and developing key processes and controls
  • Experience presenting and communicating to Executive Management
  • Ability to effectively work and collaborate with technical and non-technical resources
  • Strong organizational skills
  • Requires the ability to travel internationally and the ability to work within a 24x7 environment

Requisition Number: 201278
