KEY RESPONSIBILITIES:
- Lead the overall on time execution of compliance programs aimed at achieving and maintaining committed customer impacting EU security certifications
- Effectively communicate execution status, key accomplishments, and risks that impact Salesforce’s ability to achieve or maintain compliance accreditations or certifications to Salesforce leadership.
- Proactively evaluate and advise the business on new and evolving certification programs, regulatory requirements, and technologies.
- Direct and review controls testing, document results, and provide updates to Security management, and internal partners
- Serve as a people manager for other EMEA compliance subject matter experts.
- Advise process/control owners with the preparation and on-going maintenance of controls and control documentation (e.g., policies, procedures, narratives, and matrices)
- Proactively identify gaps or conflicts in existing processes and work to develop solutions with internal business partners.
- Assist with and drive remediation of control deficiencies and gaps identified internally and externally
- Build strong relationships with business partners and facilitate continuous improvement aligned with operational processes
- Partner with other leaders within Security to collaborate and support both process maturity and staff development.
- Maintain an in-depth understanding of key European security compliance requirements, standards, guidance, and interpretations.
- Deliver accurate and practical compliance guidance and direction to internal partners.
- Build strong cross-functional relationships with business partners to facilitate the development of strong compliance programs that support continuous improvement and operational efficiency.
- Meet regularly with regulatory and government bodies in EMEA regarding new and changing security compliance requirements.
REQUIREMENTS:
- 12+ years of related compliance and/or security experience
- Detailed working knowledge and prior experience in audit execution of a global security certification such as ISO 27001/17/18, TISAX, ENS, HDS, etc.
- Detailed working knowledge of European security compliance frameworks and requirements
- Experience working with European government regulators and accreditation bodies
- Extensive prior experience working as a people manager. Ability to organize teams, define and drive a book of work aligned to larger organizational goals, set clear accountability and build an impactful culture with direct reports.
- Ability to operate autonomously and lead meetings and projects with minimal guidance
- Analytical thinker, highly organized, meticulous, ability to multitask
- A proactive goal achiever who innovates to go above and beyond expectations to get the job done and is comfortable working in a fast-paced, dynamic environment incorporating constant change as we grow
- Working knowledge of GRC automation technologies and how best to demonstrate automation to reduce manual toil and drive cost efficiencies.
- An up-to-date functioning understanding of current Cyber Security trends
- In-Depth technical background with a good understanding of security concepts and practical usage
- Knowledge of, or experience working with, Cloud technologies/environments, including evaluating and implementing controls on Infrastructure as a Service (IaaS), is a plus
- Excellent written and verbal english communication skills; ability to effectively communicate across all levels of the Company
- Analytical problem solver with strong organizational skills; attention to detail is a must
- Experience building compliance certification programs, such as ISO 27001, SOC, and PCI
- Experience managing multiple projects simultaneously
- Possess a “whatever it takes to get the job done” mentality (i.e., pick up the phone, stop by a desk, follow-up multiple times)
- Flexibility in daily hours (i.e., willingness to work longer hours during peak periods in audit cycles)
- Strong cross team collaboration skills
- Prior Big-4 consulting experience or prior professional experience in big-tech (FAANG) companies is a plus.
- Degree or equivalent relevant experience required. Experience will be evaluated based on the core competencies for the role (e.g. extracurricular leadership roles, military experience, volunteer roles, work experience, etc.)