Key skills
CloudPMPReactAIAgileRisk Management
About this role
Role Overview
- Establish and maintain security policies, standards, and controls aligned with industry frameworks (NIST, ISO 27001, PCI, SOC 2).
- Develop a metrics and reporting framework to assess the effectiveness of the security and privacy programs.
- Organize information security risk assessment process, including the reporting and oversight of treatment efforts to address negative findings.
- Assist with compliance audits and projects (SOC 1, SOC 2, ISO 27001, ISO 27701, PCI-DSS, Tx-RAMP, and other projects).
- Manage privacy program to ensure that it is in compliance with legal and regulatory requirements (GDPR, PIPEDA, CCPA, CPRA)
- Execute Privacy Impact Assessments (PIAs)
- Support in the development and implementation of a continuous controls monitoring program for security compliance and automation of manual processes.
- Monitor regulatory and industry trends to ensure required changes in compliance policies, procedures, and testing are integrated in a timely manner.
- Assist with enterprise-wide targeted training for employee compliance with regulatory requirements.
- Coordinate security incident response and resiliency activities from a compliance and governance perspective, ensuring lessons learned feed back into governance processes.
- Manage Third Party Risk Management oversight for new and existing vendors.
- Support and help grow the AI Governance initiatives within the organization.
Requirements
- Education: Required: Bachelor’s Degree; Minimum 5+ years of technology project/program management.
- Experience: Ability to effectively work as part of a cohesive and agile team.
- Ability to manage security audits and frameworks (e.g., PCI, ISO, SOC 1, SOC2, NIST)
- Ability to manage privacy audits and frameworks (e.g., GDPR, CPRA, CCPA, PIPEDA)
- Ability to manage AI audits and frameworks (e.g., ISO 42001)
- Ability to remain organized and to elicit cooperation from a wide variety of sources, including team members, other internal departments, and external parties.
- Ability to effectively prioritize and execute tasks in a high-pressure environment and react to project adjustments and alterations promptly and efficiently.
- Ability to exercise good judgment and discretion in confidential matters.
- Demonstrable experience interacting with auditors and strategic partners in cloud-based environments similar to Emburse, relating to assurance frameworks such as SOX, PCI DSS, ISO27001, SOC 2 Trust Principles, Business Continuity and Disaster Recovery and Third-Party Risk Management.
- Implemented or maintained Drata (or other GRC tools)
- Certifications: Preferred: CISSP, CIPP/EU, CIPM, Security+, CISA, PMP
Tech Stack
- Cloud
- PMP
- React
Benefits
- A Company with Momentum – We serve 12M+ users across 120 countries, helping businesses modernize their finance operations.
- A Team That Innovates – Work alongside some of the brightest minds in finance, tech, and AI to solve real
- world challenges.
- A Culture That Empowers – Competitive pay, flexible work, and an inclusive, collaborative environment that supports your success.
- A Career That Matters – Your work here drives efficiency, innovation, and smarter financial decision-making for businesses everywhere.