Description

Product Security Senior

We're looking for a Product Security Senior candidate with experience driving compliance programmes from initiation to certification, followed by managing to join our team in Bangalore, India (hybrid - 2 days in the office).

You will report to the Director of Product Security & Compliance Programmes.

In your role as a Principle Compliance Analyst, you will work with Engineering, Cloud Ops, Compliance, Global Security Office(GSO), Security, and Product Management(PM) organisations driving compliance programmes such as SOC(1,2,3), HIPAA, GxP, SOX, and ISO 27001 managing the complete life cycle of programmes. You'll promote cloud security and compliance best practices across Informatica's Products(R&D) organisation, and ensuring products are built & operated. Another main responsibility will be to define Products specific procedures to support compliance needs. You'll lead the internal audits and represent Products organization in the annual external attestations.

Technology You'll Use

• GRC software, Project Management tools, Security Scanning Tools
• AWS, Azure, Google and Oracle Cloud Platforms

Your Role Responsibilities? Here's What You'll Do

• Provide subject-matter expertise for compliance requirements with a specific focus on SOC(1,2,3), HIPAA, GxP, SOX.
• Promote Compliance programmes from conception to closure.
• Partner with teams in developing policies, procedures, and other required documentation.
• Partner with Engineering and Operations in designing control implementation
• Lead Products internal audits to validate the efficacy of compliance security controls.
• Identify & drive compliance gaps to closure working with all team members
• Lead high impact programme meetings, establish and support working groups
• Represent Products department in external audits, collaborate with all teams to deliver evidences and product walkthroughs

What We'd Like to See

• Experience managing compliance programs from initiation to closure.
• An unique blend of business and technical understanding, a big picture vision, and the desire to make the vision a reality.
• Intrapersonal skills and can work between Engineering/RandD, Cloud Operations, Compliance & Security, and Product Management teams and in a collaborative fashion.

Role Essentials

• 8+ years of SOC2 experience and experience of having led large-scale compliance programmes
• Knowledge & experience with ISO & NIST 800-53 from a compliance and technical implementation perspective
• Good to have CISSP, CRISC, CISA, or CISM
• Prior experience in customer-facing role
• Experience working with Informatica products and Data Integration experience
• Broad knowledge IT concepts, including Cloud hosting, CI/CD, encryption, networking, operating systems, containerization, databases, middleware, and application.