Director of Compliance, Governance
Location: San Francisco
Posted on: March 14, 2018
Security, Legal & Risk Management - San Francisco, CA
Analyze risks and create innovative solutions to the wide range of challenges our high-growth global business faces as we expand and scale.
The Director of Compliance, Governance is a leadership role on the team responsible for advocating, monitoring, and enforcing compliance via controls, policies, standards, and procedures. In this role, you will work with executives and senior leaders in Sales, Customer Success, Legal, Operations, Information Security, Corporate IT, Product, and Engineering teams to discuss the strategic direction and tactical tasks involved in managing our compliance program under a single governance framework.
This role is responsible for creating a new compliance governance framework based on industry best practices. Further, this role develops new process workflows to prepare for annual audits; coordinates with external auditors performing audits; manages findings issued by external auditors; works closely with DocuSign cross-functional teams to create corrective action plans to remediate findings; and continuously monitors controls on a periodic basis. This role is also responsible for managing compliance with the audit policy, standard, and procedure related to the framework and process workflows.
Along with creating a new compliance framework and process workflows, this role maps requirements from each compliance program to identify the similarities and differences between programs. Next, this role looks at the existing process workflows and evidence outputs to determine any gaps. Then, this role produces a common control framework to align the rules with all the program requirements, process workflows, and evidence outputs. In addition, this role selects and implements a governance system to track the controls, manage evidence collection, and produce reports.
This position is an Individual Contributor and reports to the Senior Director of Compliance.
* Create and maintain a new compliance governance framework to manage current compliance programs (e.g. ISO 27001, PCI DSS, etc.) and on-board new compliance programs (e.g. GDPR, IRAP, etc.)
* Develop new process workflows standardized across compliance programs
* Own compliance audit policy, standard, and procedure
* Map requirements from current and new compliance programs
* Identify gaps between current processes and compliance program requirements
* Produce and maintain a common control framework
* Collaborate with peers to integrate compliance programs into framework
* Respond to requests from the Compliance Trust Services team within the agreed-upon service level agreement (SLA) commitments
* Work with Legal team to review compliance and audit related matters
* Educate other teams and cross-train Compliance team members as needed
* Define compliance governance program mission, objectives, scope, and success criteria
* Make required decisions about the compliance governance framework, process workflows, and common control framework
* Interact directly with executives and senior leaders on cross-functional teams to incorporate feedback into the compliance governance program
* Periodic travel and after-hours duties on an as-needed basis
* Additional responsibilities and tasks as required and assigned
* Bachelor's degree or higher in a relevant field
* Information Security & Compliance certifications (CISSP, CISA, CISM, PCI ISA, etc.)
* Direct experience working with a Software-as-a-Service (SaaS) solution
* Deep understanding of ISO 27001, PCI DSS, NIST, FedRAMP, or similar standards
* Experience with governance, risk and compliance (GRC) processes and solutions
* Projects involving coordinated efforts across large cross-functional teams
* Demonstrated people management skills providing direction, monitoring performance, motivating staff and building a positive working environment
* Solid knowledge of SaaS and security concepts
* Interest in industry-recognized security, compliance, or audit certifications
* Experience in project or program management
* Ability to express complex technical concepts in business terms.
* Display a demonstrated ability to think broadly and strategically
* Passion for information security, governance, risk, and compliance
* Exceptional analytical and communication skills
* Self-sufficient to manage and prioritize workload
* Ability to maintain composure in critical situations
* Strong attention to details.
Security, Legal & Risk Management @ DocuSign
As a part of our Security, Legal & Risk Management team, you are cultivating strategic partnerships to streamline and ensure the security and legality of our product in every country we touch. Constantly immersed in critical, high-level operations to aid in our growth and progress, the Security, Legal & Risk Management team also heavily focuses on tactical mergers and prioritizes patents in order to protect and capitalize on our most innovative ideas and technology. Right by Legal & Risk Management's side, our Finance team is critical in deciding how and where we invest our funds to grow our company and support key initiatives. As a member of the Finance Team, you partner across the business and plan the company's financial operations.
DocuSign is changing how business gets done by empowering hundreds of thousands of companies and tens of millions of users in most countries around the world to sign, send and manage documents anytime, anywhere, on any device with confidence. DocuSign replaces printing, faxing, scanning and overnighting documents with the easiest, fastest, most trusted way to make every approval and decision digital. Organizations of all sizes and industries are accelerating contracts, approvals and workflows with DocuSign's Digital Transaction Management (DTM) platform and eSignature solution. DocuSign keeps life and business moving forward.
DocuSign is an Equal Opportunity Employer. Individuals seeking employment at DocuSign are considered without regard to race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status, or any other legally protected category.