Easter Seals Jobs

Job Information

Infoblox Director, Governance, Risk & Compliance in Tacoma, Washington

Description

It's an exciting time to be at Infoblox. Named a Top 25 Cyber Security Company by The Software Report and one of Inc. magazine's Best Workplaces for 2020, Infoblox is the leader in cloud-first networking and security services. Our solutions empower organizations to take full advantage of the cloud to deliver network experiences that are inherently simple, scalable, and reliable for everyone. Infoblox customers are among the largest enterprises in the world and include 70% of the Fortune 500, and our success depends on bright, energetic, talented people who share a passion for building the next generation of networking technologies - and having fun along the way.

We are looking for a Director, Corporate Governance, Risk and Compliance located in Tacoma, WA, reporting directly to the CISO, who is based in California. In this role, you will contribute to the design of and monitor the control environment at Infoblox, with an eye on our current and future regulatory requirements, including SOC2, ISO, FedRAMP, SOX, and NIST CSF. At Infoblox we are taking a fresh and innovative approach to controlling, analyzing, and securing networks by intelligently managing core network services, DNS and DHCP. You are the ideal candidate if you're a dynamic self-starter who is comfortable with changing priorities and working cross-functionally with other teams to achieve our strategic objectives.

What you'll do:

- Lead an established GRC team with 5 direct reports across multiple time zones to deliver on all aspects required of the GRC function at Infoblox
- Ensure that our current certification programs are maintained and annual audits are successful and well planned, including ISO27k, SOC2, SOX ITCG, and CAIQ
- Maintain a roadmap of upcoming certification requirements and activities
- Conduct risk assessments using industry standard frameworks, guide the risk management process, maintain a risk register, and manage remediation plans and exceptions
- Work with the Sales team to respond to security/compliance questionnaires of customers and vendors as required and maintain a knowledge database (currently in "Responsive") of risk assessment questions and responses
- Manage third-party risk-TPRM Program
- Establish and maintain security policies, metrics, and reporting and maintain policy documents on our internal website and externally on trust.infoblox.com
- Oversee our security awareness training/education, security champions, and phishing program
- Support collaborative working relationships with members of other functional teams within Infoblox

What you'll bring:

- 10+ years of work experience in governance, risk, and compliance and/or information security and risk management
- Functional knowledge of the CISSP security domains and information security industry standards and best practices required
- Functional knowledge of applicable security frameworks and regulatory requirements, such as SOX, GDPR, ISO 27001, NIST-CSF, CAIQ, SOC2, and Webtrust; FedRAMP certification knowledge a plus but not a requirement
- GRC Tooling knowledge a plus, such as Diligence, ZenGRC, and MetricStream
- Ability to communicate risk methodologies and concepts to the business
- IT audit background and consulting experience is a plus
- Ability to work in a fast-paced environment and handle ambiguity, while meeting objectives and deadlines
- Excellent interpersonal skills and ability to work effectively with diverse and distributed teams

What success looks like:

After six months, you will...

- Establish control/leadership of all aspects of the current GRC Program
- Maintain staffing or hire additional staff if needed for scale
- Submit the next plan and budget, including financial and headcount
- Help materially improve the Security Compliance Response process, which is currently being automated via our new AI-based tool
- Roll out our Security Champions Program, along with othe
