Manager of Security and Compliance Location: Seattle, WA or Salt Lake City, UT The Manager of Security and Compliance drives all security initiatives within the CXOne GoMoxie business unit. CXOne GoMoxie is an independent business unit within NICE CXOne delivering Chat, Email, and Knowledge SaaS solutions. CXOne GoMoxie customers are medium to large Enterprises with very high security requirements. CXOne GoMoxie is ISO27001, PCI and HIPAA audited and certified.
Job Responsibilities and Duties:
Define security requirements and direction
Define security Policies, Standards, and Processes across CXOne GoMoxie
Work with engineering teams to define standards for secure code development
Work with Operations teams to implement security policies and operational capabilities ensuring technical solutions map to contractual, audited, and legislative standards and requirements
Work with all departments to provide advice and guidance on information security roadmaps and best practice frameworks
Drive security training for all CXOne GoMoxie
Drive internal auditing and compliance
Drive external auditing including ISO 27001, PCI, and HIPAA
Support customer security audits
Work with internal Legal on customer contract security terms and requirements
Work with Sales to answer customer and prospect security questions
Work within the larger CXOne organization on security initiatives that span the larger CXOne organization
Who You Are:
A Leader
7+ years working in an enterprise information security role. Strength in providing leadership across all parts of the organization
Organized
Proven ability to perform analysis and prepare documentation with proven project management and organizational skills including managing multiple concurrent projects
Great Communicator
Excellent verbal and written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy up and down the chain
Team Player
Excels in cross team collaboration and when possible builds consensus and when necessary aligns people and teams behind unpopular but necessary decisions.
Expert
Expertise with security technologies commonly leveraged to support a large-scale, multi-platform enterprise environment.
Familiarity with current legal and regulatory requirements around information security and privacy, including PCI, HIPAA, GDPR, CCPA and other standards
Experienced.
7+ years IT Security infrastructure proficiency and experience in many of the following: