compensation:
$150K — $200K *
At Emburse, our mission is to help make our users’ lives, and their businesses, better. We are dramatically transforming how organizations manage corporate expenses and invoices. We humanize work by automating manual tasks and saving users’ time, so they can focus on what matters most: their family, community, or more rewarding work. We help CFOs give their employees a simple and amazing experience while ensuring compliance and reducing costs. Our solutions are tailored for companies from start-ups to enterprises. We have more than 14,000 clients and 4.5 million users globally.
Emburse has offices across North America, including Los Angeles, Montreal, Portland (ME), San Diego, San Francisco, and Toronto, as well as locations in the UK, Germany, Spain and Australia.
Our core values (Sincerity, Empathy, Empowerment, Individuality and Teamwork) reflect who we are as a company. They are central to the decisions we make and the interactions we have with our teams, customers, and partners. As a people-focused company, we are seeking candidates who align with our values.
Emburse is a proud recipient of a 2020 Tech Cares Award from TrustRadius. This award celebrates companies that have gone above and beyond to provide their communities, clients, and frontline workers with support during the COVID-19 pandemic. We are a people-first company, and this award is a testament to our mission to humanize work.
The IT Compliance Manager leads the day-to-day general IT compliance needs of its business lines. In this highly visible role, the IT Compliance Manager helps to create and maintain corporate policies and procedures, manage internal testing programs, advise and consult with internal teams and customers on areas of IT risk, and provide general support to Emburse’s IT Operations, Security, and Legal teams. This role owns all the compliance activities for SOC 1, SOC 2, ISO 27001, PCI-DSS, GDPR, and more.
What you'll do:
Lead in the development and maintenance of a robust compliance program to scale with the company's growth and ensure that Emburse products and services comply with all applicable regulatory requirements and industry best practices.
Experience working directly with internal Security, IT Operations, Help Desk, Product, Hardware and HR teams (required).
Become a "go-to" contact on IT compliance-related matters, which includes responding to daily compliance-related inquiries and referrals, participating in special projects, and providing technical support to other departments and on escalated customer inquiries.
Lead in documenting IT Compliance processes and procedures.
Serve as a point person for, and coordinate responses to, regulatory inquiries, due diligence requests and external audit requests (e.g., SOC 1, SOC 2, PCI-DSS, ISO 27001, SOX 404, FedRAMP, and partner due diligence).
Lead in the development and implementation of a continuous monitoring program for IT compliance and automation of manual processes.
Perform tests of controls in accordance with compliance programs, including PCI and SOX.
Monitor regulatory and industry trends to ensure required changes in compliance policies, procedures and testing are integrated in a timely manner.
Assist with enterprise-wide targeted training for customers in compliance with regulatory requirements.
Lead in the configuration and/or administration of the cloud-based GRC tool AuditBoard.
What we're looking for:
Required: Bachelor’s Degree; 2+ years of technology project/program management.
At least 5-8 years of IT compliance experience (required) in a start-up environment; both pre and post-IPO (preferred).
At least 1 year of experience in technology or payment processing services, or working knowledge of and interest in technology infrastructure principles and practices (required).
ISO 27001 Lead Auditor (preferred)
Demonstrable experience interacting with auditors and strategic partners in cloud-based environments similar to Emburse, relating to assurance frameworks such as SOX, PCI DSS, ISO 27001, SOC 2 Trust Principles, Business Continuity and Disaster Recovery, and Third-Party Risk Management. NACHA experience. (Experience with some of these areas is required.)
Required: CISA, CISM, or CRISC
Preferred: CISSP, CIPP/EU
Experience working on large cross-functional teams, representing IT compliance on initiatives such as change management, identity and access management, policy management and data retention.
Strong writing skills and the ability to communicate information about complex issues to stakeholders in a clear and easy-to-understand way.
Ability to develop creative and adaptive solutions to unique and complex inquiries.
Able to stay steady in a rapid-paced working environment and meet deadlines.
Team-focused, positive attitude, and good sense of humor
Ability to collaborate effectively with a wide range of people in a diverse and accepting environment
Valid through: 4/21/2021