Compliance OfficerAre you interested in helping shape the security of the Internet we all depend on? Are you interested in learning about or contributing to new security policies months or years before being used in every browser? We are looking to add a Compliance Officer to our growing team. We are in the Upper Kirby area just a few minutes from I-45. The digital certificate products in our suite of services include SSL/TLS, SMIME/email, code, and, document/object signing, client authentication, and IoT (Internet of Things). SSL.com is a voting member of the CA/Browser Forum and the Cloud Signature Consortium and as a result, every team member at SSL.com is valued and provides a positive impact on Internet security in general. We regularly interact with the titans of the Internet such as Google, Amazon, Mozilla, Cisco, Microsoft, Oracle, etc…
Objective:To support, plan, maintain and improve the compliance and security posture of SSL.com and its products/services through a framework of policies and procedures to be followed now and moving forward. Compliance Officers create value to the SSL.com by monitoring changes in regulations (e.g., CA/Browser Forum requirements), planning updates to relevant policies, procedures, processes and systems, training and educating SSL.com personnel in compliance matters and culture. Apart from their compliance maintenance role, they support new businesses by consulting in compliance and information security aspects of new or enhanced products and services for the SSL.com customers. Their work also significantly contributes to the transformation and continuous improvement of SSL.com.
Skills we are looking for include:
- Verbal and written fluency in English.
- Good organizational and communication skills, both written and verbal required.
- Ability to read, interpret and comprehend complex documents such as contracts, standards, policies, processes, and procedures.
- Detail oriented with strong analytical skills and problem-solving capabilities required.
- Ability to interpret internal/external business challenges and recommend solutions.
- Ability to solve complex problems; take a new perspective on existing solutions; exercise judgment based on the analysis of multiple sources of information.
- Ability to balance legal, quality and business objectives and distinguish between risk mitigation and risk elimination.
- Excellent verbal and written communication and advocacy skills; ability to interface and communicate effectively and diplomatically with all levels of personnel including individuals in many different functions and business units.
- Strong teamwork and collaboration skills. Ability to build relationships across functions, service lines, geographies, and levels.
- Needs to work well with internal and external legal counsel.
- Able to adjust quickly to changing priorities and manage conflicts effectively and expeditiously.
- Ability to problem-solve and contribute to process improvement using innovative and cost-effective solutions.
- Ability to influence leadership on new ideas and approaches to improve processes.
- Innovative, with the ability to develop recommendations for process changes and enhancements to improve efficiency and effectiveness.
- Proven ability to create and deliver Compliance Training Programs.
- Proficient working knowledge of information technology concepts, practices, terminology, and standards, with the ability to actively conduct and/or engage in discussions relative to all assignments. This also includes demonstrated ability to document technical matters and/or complex concepts in a manner that is meaningful to the intended recipients.
- Knowledge of PKI concepts, Trust Services, Certification Authorities and/or Root Store Programs a plus.
Education requirements and work experience include:
- Bachelor’s Degree in Information Technology, Computer Science, or an equal amount of experience in the related field.
- Two or more years of business experience in Information Security /IT consulting
Nice to have(preferred):
- Certification such as CISM, CCSK, ISO 27001 Lead Implementer
- Any relevant licenses and/or certifications (e.g., CISSP, COBIT, ITIL, CDPSE)