Kronos Cloud Security Compliance Manager in Lowell, Massachusetts
Cloud Security Compliance Manager
Lowell - Massachusetts - USA
The duties of the Senior Manager, Cloud Security Operations & Compliance are to ensure effective compliance and security of the Kronos Cloud SaaS service offerings. The ideal candidate will have considerable experience in managing the security operations and compliance of a 24x7 customer-facing Cloud environment, including public cloud. This role will be accountable for day-to-day management of Cloud Compliance & Security, resource hiring, managing staff, coaching and directing the evolution of processes and procedures related to security operations and compliance functions.
The primary charter is to manage the compliance and security operations for Cloud services and serve as a liaison to Kronos Corporate Information Security & compliance auditors. Ongoing management of our compliance controls, and ensuring security alignment with compliance policies, procedures and standards, is essential to this role’s function.
• Manage the compliance for Kronos Cloud services across all technologies and environments.
• Implement improvements to process and procedures regarding the administration and maintenance of security and compliance areas.
• Management of open and closed tickets for compliance audit and interactions with corporate security and internal & external audit teams.
• Management of compliance narratives and control procedures documentation.
• Management of security engineering delivery to enable compliance.
• Work with customers, internal stakeholders (engineering, services) on continuous improvements to maintain security operations, compliance certification and obtain new compliance objectives.
• Coach and mentor staff to ensure personnel are working as efficiently and accurately as possible in a team-oriented professional culture.
• Plan projects, training, objectives, timelines, deliverables and milestones for compliance.
• Collaborate with the Security Architects when new exploits are identified, properly categorize the business and technical risk and present the findings and action plans to all necessary stakeholders.
• Work with Security Architects to execute risk assessments on a regular basis (annual) and develop, then execute on, the remediation plans.
• Provide metrics and updates that report against Cloud security operations and compliance requirements.
• Provide feedback and recommendations to Cloud management for continuous compliance improvement.
• Security Vulnerability & Exploit identification and management to resolution (Incident management).
• Management of the Security Operations Center and drive the development of KPIs that identify risks based on trends.
• Take ownership of compliance and security operations and manage assignments through completion.
• Combination of technical and managerial experience, preferably in a SaaS-based public cloud environment.
• Experience managing compliance for operational organizations and processes.
• Experience managing security operations centers and proactive threat modeling.
• Strong foundation with compliance and security tools (Tenable, Metasploit, etc.).
• Working knowledge of SSAE 16 SOC 2, ISO, NIST, PCI, GDPR and overall regulatory compliance of private and public cloud environments.
• Experience as a Compliance Manager of SaaS/Cloud Hosted Operations, Public Cloud preferred.
• Hands-on security and compliance experience in Public Cloud is desired.
• Ability to function within a fast-paced environment and able to adapt to rapid changes in priorities and logistics.
• Key attributes: Flexible, continuous learner, excellent communicator, works well in team environment, appreciates challenge, comfortable and effective working in new areas that require experimentation and rapid problem solving.
• Bachelor of Engineering, Computer Science or Electronics or telecommunication or equivalent.
• Industry related certifications (CISSP, CISM, GIAC) preferred.
Min. of 10 yrs. of professional experience with 5 years in leadership/mentoring role with:
• Experience with 24x7 infrastructure operations (Hosted/Public Cloud).
• Hands-on experience building, delivering and supporting a Compliance program for IaaS or SaaS products.
• Proven experience with delivering operational excellence and developing long-term plans with measurable results on business impact.
• Experience in managing senior and junior technical resources in an enterprise environment.
• Strong communication skills, both written and verbal.
• Comfortable in a global working environment.
• Good at building teams and cultivating teamwork.
• Experience working with an off-shore delivery company and distributed teams is a plus.
• Project planning, budgeting and resource management including good knowledge of project management tools would be an added advantage.
• Familiarity with ITIL processes.
• Ensure operating standards are developed, maintained, and adhered to.
• Skills to train and mentor staff members.
You’re empowered when you’re a Kronite.
Want to be part of an elite group of highly skilled professionals? We think our employees are a special group of talented, energetic, and innovative people. And for that reason, we refer to ourselves as Kronites. Kronites care about more than just work. We recognize the need to maintain a healthy work-life balance – to live inspired. In fact, it’s expected! You’ll soon learn that we take work and fun seriously. No matter what position you hold at Kronos, you’re a Kronite. And we want you to feel like you have the power to make a difference in your life and the lives of others, at work and beyond. Want to learn more about our culture? Follow us on Twitter @work4kronos. #MyWorkInspired
Kronos is a global provider of workforce management and human capital management cloud solutions. Kronos’ industry-specific workforce applications are purpose built for businesses, healthcare providers, educational institutions and government agencies of all sizes. Tens of thousands of organizations – including half of the Fortune 1000® – and more than 40 million people in over 100 countries use Kronos every day.
Kronos is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, physical or mental disability, age, or veteran status or any other basis protected by federal, state, or local law.