Director - Governance, Risk & Compliance

AHEAD

Legal
United States
Posted on Feb 5, 2025
AHEAD builds platforms for digital business. By weaving together advances in cloud infrastructure, automation and analytics, and software delivery, we help enterprises deliver on the promise of digital transformation.
At AHEAD, we prioritize creating a culture of belonging, where all perspectives and voices are represented, valued, respected, and heard. We create spaces to empower everyone to speak up, make change, and drive the culture at AHEAD.
We are an equal opportunity employer, and do not discriminate based on an individual's race, national origin, color, gender, gender identity, gender expression, sexual orientation, religion, age, disability, marital status, or any other protected characteristic under applicable law, whether actual or perceived.
We embrace all candidates that will contribute to the diversification and enrichment of ideas and perspectives at AHEAD.
The Governance, Risk and Compliance leader is responsible for providing independent, objective assurance and consulting services designed to add value and improve the Managed Services organization’s operations. This individual is responsible for implementing, maintaining and operating security systems and processes. This individual will be responsible for the development and enhancement of compliance and security procedures, forms, processes and documents. Responsibilities include Information Security and Compliance related operational techniques, policies and standards. This individual will be expected to have strong written skills and business acumen, and experience with compliance activities around SOC2, ISO, NIST and GDPR. Coordination with Legal, Internal IT and Security, and Managed Services Operations is particularly important to this position.

Roles & Responsibilities

  • Coordination of the company’s policy and procedure development and administration in coordination with other departments.
  • In support of the VP of Legal, assist in the company’s legal affairs including contract administration, regulatory compliance, and coordination with outside legal and regulatory authorities.
  • Oversight of the Managed Services risk management practice including operational risk assessment, mitigation, and implementation and maintenance of appropriate insurance protection.
  • Oversight of all Managed Services internal and external non-financial audits of company operations.
  • Maintain a professional staff with sufficient knowledge, skills, experience, and professional certifications to meet the requirements of the GRC organization’s charter.
  • Apprise company leadership of emerging trends and successful practices in compliance and quality assurance.
  • Oversight of the Managed Services compliance and program.
  • Assure that:
  • Compliance policies are communicated throughout the Managed Services organization.
  • Compliance with policies and procedures is monitored, audited, and enforced.
  • Coordination and Implementation:
  • Review the company’s compliance policies and procedures to identify potential areas of risk of illegal or unethical conduct.
  • Develop, initiate, maintain and revise compliance policies designed to prevent illegal or unethical conduct in the identified risk areas.
  • Working with other departments as appropriate, implement education and training programs for employees whose functions involve compliance with laws or ethical standards of conduct.
  • Advise and coordinate the implementation and operation of the information security, risk management, and compliance programs.
  • Monitoring and Auditing:
  • Monitor and coordinate compliance activities of other departments to remain abreast of the status of such activities.
  • Working with the departments with substantive responsibility for the applicable programs, identify changes in applicable rules, regulations, standards, and related trends that are relevant to the information security, risk management, compliance and ethics programs and make necessary changes to policies and procedures.
  • Monitor the performance of the risk management and compliance programs and related activities on a continuing basis and with periodic audits to ensure that compliance issues are being appropriately evaluated, investigated, and resolved.
  • Where appropriate, take steps to improve the effectiveness of the information security, risk management, compliance and ethics programs.
  • Assure that compliance with law and policy is regularly audited in the areas identified by compliance risk assessments.
  • Enforcement:
  • Recommend disciplinary or corrective action in response to violations, as appropriate, to management.
  • Ensure proper reporting of violations to enforcement agencies and the audit committee of the board of directors as appropriate and/or required.

Success Characteristics

  • Honest, Enthusiastic, Respectful, takes Ownership, achieves excellence, and consistently delivers quality service to team members and customers alike.
  • Team player, flexible, adaptable, responsible, punctual, proactive, and self-sufficient.
  • Affinity for and successful experience with small to medium size business environments.
  • Ability to adapt and thrive in a constantly changing work environment.

Qualifications

  • Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
  • 5-8 years of related experience in data security administration
  • CISSP or similar security certification desirable.
  • Strong knowledge of SSAE18 SOC, ISO 27001/2, and NIST standards
  • Experience with creating and implementing ISMS
  • Understanding of relationships between threats, vulnerabilities, asset values and their effect on overall business risk
  • Experience with Project Management and Vendor Relationship Management
  • Effective business consulting skills including the ability to establish rapport with the business
  • Time management and organizational skills
  • Possess strong verbal and written communication skills; be adept at communicating with all levels of technical and non-technical people
  • Demonstrated commitment to continuous learning and personal development
Why AHEAD:
Through our daily work and internal groups like Moving Women AHEAD and RISE AHEAD, we value and benefit from diversity of people, ideas, experience, and everything in between.
We fuel growth by stacking our office with top-notch technologies in a multi-million-dollar lab, by encouraging cross-department training and development, and by sponsoring certifications and credentials for continued learning.
USA Employment Benefits include:
- Medical, Dental, and Vision Insurance
- 401(k)
- Paid company holidays
- Paid time off
- Paid parental and caregiver leave
- Plus more! See https://www.aheadbenefits.com/ for additional details.
The compensation range indicated in this posting reflects the On-Target Earnings (“OTE”) for this role, which includes a base salary and any applicable target bonus amount. This OTE range may vary based on the candidate’s relevant experience, qualifications, and geographic location.