At ServiceSource, we strive to find and grow exceptional people like you.
Working at ServiceSource, you will be a part of an engaging, energetic, and entrepreneurial work environment while having the stability and influence of a nearly 20-year industry leader behind you.
ServiceSource is a place where you can GROW, both personally and professionally, while expanding your skills in sales, customer success and people management.
The Senior IT Compliance Coordinator supports and will receive direction from the Director of IT Compliance with day-to-day activities associated with implementing, maintaining, and monitoring the company's global IT Compliance Program.
The Senior IT Compliance Coordinator is chiefly responsible for the successful conduct of multiple IT Compliance audits each year (conducted by external, internal and client auditors). These activities include audit planning; scheduling meetings and coordinating tasks with personnel in other groups (in multiple time zones); obtaining and organizing documented evidence; working with stakeholders to develop remediation plans to address audit issues; providing frequent status updates to auditors and key stakeholders, and preparing oral, written and online presentations for all levels of management.
In addition, this position will be responsible for providing timely and accurate responses to security and compliance questions (particularly in the context of contract addendums and RFPs), and evaluating the results of IT audit reports for third party service providers.
ServiceSource is a high-tech service company; we are constantly changing and evolving to meet the needs of our customers. Our team uses a wide variety of software tools, and we frequently add or change these tools. We need people who can quickly learn and master new software technologies with minimal training and supervision. We value creative problem-solvers who can think outside the box.
Our IT Compliance team is small but highly efficient. Our goal is to make IT audits as easy as possible for our colleagues, as well as the organizations that perform our audits. Our vision is to be prepared for any audit, at any time, on short notice.
* Assist in the planning and coordination of audits, including internal and external audits with personnel in other departments, usually IT teams.
* Participate in the implementation and monitoring of remediation plans to address any risks or gaps identified during the audit (track progress).
* Present findings and provide periodic status updates to management and stakeholders via in-person meetings or web-video-conferences.
* Escalate new findings or remediation items that are not being properly addressed to appropriate personnel, including Director of IT Compliance.
* Review and edit draft business agreements, usually in the form of security focused contract addendums, to make sure the security requirements are consistent with existing processes and capabilities.
* Respond to security questionnaires (from clients and prospective clients), to confirm (and sometimes describe) what security controls are in place.
* Assist in developing and maintaining an online digital library of security and compliance documents; organizing them logically for easy retrieval.
* Assist in editing and publishing of corporate policies related to IT Security and IT Compliance; coordinate with subject experts for content reviews.
* Assist with development of audit checklists, internal newsletter articles, and other internal tools to educate users on audit and compliance requirements.
* Perform other tasks and projects related to security and/or compliance, and assist in the execution of special assignments as directed.
General Qualifications / Soft Skills:
* Must be adept at handling multiple assignments in a timely manner and meeting assigned short-term and long-term deadlines
* Must be able to work with minimal supervision, as part of a global team
* Excellent oral, written and presentation skills (Word, PowerPoint)
* Detail-oriented (ability to quickly spot errors and omissions in documents)
* Ability to interact well with business and IT (at all levels of management)
* Strong analytical skills (business process documentation and data flows)
* Ability to use discretion when handling sensitive/confidential information
* Well versed in the use of spreadsheets (Excel, Smartsheets) and/or databases (FileMaker Pro) for data collection, analysis and reports
* High ethical standards - demonstrated ability to understand and comply with applicable regulations and company operating policies and procedures
* A professional degree or a strong history of experience with Information Systems, Computer Science, Accounting, and/or Business Management
* 3-6 years IT audit or IT compliance experience
Optional / Preferred Job Experience:
* Participation in IT Compliance Audits (SOC-2/PCI/SOX/ISO 27001)
* Experience with one or more audit or GRC tools (ZenGRC, Archer, Workiva)
* Experience with security/compliance contracts, RFPs, questionnaires
Optional / Preferred Certifications:
* IT Security/Audit Focus: CISA, CISM, CISSP, GSEC
* IT Process Focus: BPR/BPM, PMP, Six Sigma, ITIL
Note: If candidate does not have any of the above certifications, they will be encouraged to pursue a certification as part of their performance goals
ServiceSource offers cloud-based apps that facilitate management and optimization of the service contract renewals process.