The Director of GRC & Privacy will be responsible for establishing the framework, articulating the strategy, and leading the development of the organization's Governance, Risk Management, and Compliance controls ecosystem to meet Board, Senior Management, and regulatory expectations, in conjunction with other teams. The Director is responsible for the establishment, operationalization, and continuous improvement of global governance, risk management, compliance, and privacy. As the Director of GRC & Privacy, you will provide leadership to a growing global team. The role carries a great deal of responsibility that will include, but not be limited to, the following:
About the GRC & Privacy team:
The GRC and Privacy team is responsible for managing the organization's overall governance, enterprise risk management, compliance, and data privacy regulations. The objective of the GRC and Privacy team is to enable a structured approach to align IT with business objectives, while effectively managing risk and meeting compliance & data privacy requirements.
Develop and lead the strategic roadmap of the GRC & Privacy function.
Implement, review, and assess the enterprise risk framework by conducting risk assessments periodically.
Reduce risk and improve control effectiveness, privacy and compliance through an integrated and unified approach that reduces the ill effects of organizational silos and redundancies.
Provide assurance over compliance with the standards and regulations Chargebee needs to follow. Examples include SOC, PCI, ISO 27001, SOX, NIST, etc., as well as GDPR, CCPA, and other applicable data privacy laws.
Maintain a strong awareness of legislative changes or amendments to ensure ongoing and future compliance.
Build a strategic and comprehensive privacy program that defines, develops, maintains, and implements policies and processes that enable consistent, effective privacy practices.
Work with GTM functions, legal counsel, and other related parties to represent the organization's information privacy interests with external parties (state or local government bodies) who undertake to adopt or amend privacy legislation, regulations, or standards.
Conduct related ongoing compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions.
Develop a communication strategy for verbal and written communications to the three lines of defense to raise awareness of the overall program, ensure engagement, and provide updates on progress against the plan.
Improve Chargebee's GRC and Privacy posture externally by delivering customer delight and driving privacy as a competitive edge for Chargebee.
Drive the budgets with respect to people and technology and demonstrate the value.
Responsible for delivering key metrics to the leadership as part of the GRC and Privacy function.
12+ years of IS experience, with 4+ years of GRC leadership experience
Hands-on experience in implementing GRC programs.
Thorough knowledge of strategy, governance, risk management, and compliance concepts
Working knowledge of compliance frameworks (CIS, NIST, OWASP, PCI)
Mental acuity to analyze complex sets of data and requirements and present that data in a clear and concise manner
Experience working with COSO and COBIT frameworks and their role in Enterprise Risk Management
Demonstrated ability to create and successfully execute a strategic privacy and compliance roadmap
Experience securing various cloud architectures and deployment strategies such as Software-as-a-Service, Infrastructure-as-a-Service (AWS), Platform-as-a-Service, etc.
Experience working with technology environments, including information security, encryption methods, and privacy-based solutions
Knowledge and understanding of relevant legal and regulatory requirements including PCI-DSS, SOC, HIPAA, GDPR
Ability to work with third-party vendors and provide product requirements for Privacy/GRC compliance
Thorough documentation abilities and a culture of process adherence
Practical experience in leading internal and external compliance audits
Excellent written and verbal communication skills