Easter Seals Jobs

With Confluent, organizations can harness the full power of continuously flowing data to innovate and win in the modern digital world. We have a purpose that drives us to do better every day – we're creating an entirely new category within data infrastructure - data streaming. This technology will allow every organization to create experiences and use the power of data in ways that profoundly impact the way we all live. This impact is our purpose and drives us to do better every day.

One Confluent. One team. One Data Streaming Platform.

Data Connects Us.

About the Role:

As the Security GRC Program Manager in the Trust & Security organization you will play a critical role in fulfilling the vision to secure Confluent’s platform and cloud offerings through a combination of technical expertise, policy governance, security risk management, third party risk management and compliance management skills.

What You Will Do:

• Drive internal and external compliance management activities

• Lead efforts to improve and operate our risk register and issue management programs by managing risk management activities to ensure security risks are centrally and consistently cataloged, and monitored

• Develop and optimize risk exception process

• Maintain and drive adoption of common control framework

• Perform third-party risk assessments to maintain oversight of third-party vendors

• Maintain and operate security metrics programs

• Ensure security policies & standards are maintained up to date

• Implement and operationalize Governance Risk and Compliance (GRC) tooling to further improve and automate our GRC processes

What You Will Bring:

• 3-5 years of relevant industry experience

• General knowledge of and experience in one or more security & compliance frameworks such as, SSAE18 (SOC 1 and 2), HITRUST, FedRAMP, PCI, ISO 27001, HIPAA, CSA, CIS, NIST CSF, etc

• Comfortable interacting with internal and external auditors through compliance management activities such as evidence collection, audit workthrough, etcFamiliar with risk management practices, including identify and assess risks, suggest risk treatment plans, monitor and report on risk regularly to the leadership

• Experienced in third party risk management processes

• Understand policy governance processes

• Security engineering fundamentals background in infrastructure security controls in GCP, AWS, Azure, and/or web application security

• Strong communication, interpersonal and leadership skills to work with both engineering and other non-technical stakeholders

• Bachelor's degree in Computer Science, a related field, or equivalent practical experience

• CISSP, CRISC, CISM or equivalent certification completed or currently in progress is a plus

Come As You Are

At Confluent, equality is a core tenet of our culture. We are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. The more diverse we are, the richer our community and the broader our impact. Employment decisions are made on the basis of job-related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law.

At Confluent, we are committed to providing competitive pay and benefits that are in line with industry standards. We analyze and carefully consider several factors when determining compensation, including work history, education, professional experience, and location. This position has an annual estimated salary of 143,200 - 168,300 USD, and a competitive equity package. The actual pay may vary depending on your skills, qualifications, experience, and work location. In addition, Confluent offers a wide range of employee benefits. To learn more about our benefits click HERE (https://confluentbenefits.com/) .

Click HERE (https://www.confluent.io/legal/confluent-candidate-privacy-notice/) to review our Candidate Privacy Notice which describes how and when Confluent, Inc., and its group companies, collects, uses, and shares certain personal information of California job applicants and prospective employees.

#LI-Remote