OPENTEXT - THE INFORMATION COMPANY As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital.
Be part of a winning team that leads the way in Enterprise Information Management.
OPENTEXT - THE INFORMATION COMPANY The opportunity :
OpenText is seeking a highly motivated, collaborative, technically experienced and well-organized Privacy Audit Lead for IT Compliance (ITC) with the ability to understand various compliance requirements, effectively interpret and communicate the requirements to internal teams, and lead efforts to produce actionable plans to meet the compliance requirements.
ITC Team, part of Global Information Security (GIS) is currently focused on, but not limited to SOC1, SOC2, PCI, HIPAA, ISO 27001, SOX.
In this role, you will be involved in managing and sustaining the various compliance programs by working collaboratively with internal teams, SMEs, external customers, vendors, auditors and other stakeholders.
The ideal candidate will be well versed in the General Data Protection Regulation (GDPR) in EU, and in other applicable locales around the globe.
This is a hands-on role that will require detailed knowledge of security concepts, risk models, security controls, security audits and other common IT security domain concepts.
Additionally, the candidate will be required to work with stakeholders to represent the awareness and effectiveness of the Privacy program and will help measurements as needed.
Therefore, the candidate must possess superior communication
You are great at :
Understanding security risk in relation to General Data Protection Regulation GDPR) in EMEA, and in other applicable locales.
Participating in gap assessment, compliance readiness, and compliance monitoring activities.
Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of privacy compliance readiness and procedures that ensure effective privacy practices.
Interfacing with external auditors to facilitate compliance audits.
Coordinating delivery of audit milestones, ensures audit timelines stay on target by escalating and identifying roadblocks.
Facilitating and tracking remediation, corrective action plans.
Participating in continuous improvement initiatives.
Conducting security reviews, risk analysis, and controls reviews in adherence to GDPR laws and Open Text security policy.
What it takes :
Strong knowledge of General Data Protection Regulation (GDPR), laws, and emerging legislation.
Experience with at least one of the following compliance programs ISO 27001, ISO 27018, PCI, HIPAA.
Experience with control assessments and coordination of audit activities.
Familiar with Information Security principles, knowledge of IT processes (e.g. Change Management, Incident Management, Risk Management, Network and System Administration),
Bachelor’s Degree in Information Technology, Business or related vocations.
5 years’ experience in IT with a minimum of 3 years’ specific experience in Information Security, Compliance, Audit or Risk Management.
Privacy skills to include : knowledge of Record of Processing Activity (ROPA), consent, right to be forgotten, data portability, Privacy Impact Assessment (PIA) is a plus.
Big four audit firm experience a plus.
Understanding of security controls, privacy, risk management framework and compliance models is a must.
Industry standard certifications (CISSP, CISA, CISM, ISSMP ISO 27001 Lead Implementer / Auditor) a plus.
Strong technical, analytical, interpersonal, communication and writing skills.
Self-starter, quick-learner, and pro-active problem-solving skills.
Demonstrated strength in working in a high change environment.
Strong personal characteristics as demonstrated by the following : achievement-oriented, self-controlled, self-confident, flexible, approachable, and dedicated.
Capable of working under pressure in a continually changing environment
Understanding of security controls, and risk management frameworks and compliance models is a must.