About Playvox
We believe that a great customer experience starts with people! Playvox provides cloud native, digital first workforce engagement Management software comprising seven modules, Workforce Management, Quality, Coaching, Performance, Learning, Motivation and Voice of the Customer. Our solutions are designed to get the very best out of your workforce, while improving every part of your customer and employee engagement. platform integrates data from the leading cloud-based vendors such as Zendesk, Salesforce, Kustomer, Talkdesk, and Five9.
Role Description Overview
We are looking for a Privacy, Security & Compliance Manager who is confident in their skills, has a great attitude, and wants to join an overachieving team. If you want to build your career within an industry-leading, rapidly growing technology company, then Playvox is the right place for you. The Privacy, Security & Compliance Manager will be responsible for the oversight of Playvox enterprise compliance with applicable regulations, frameworks, standards, and client commitments in information security, data protection and privacy. In addition, they will play a key role in leading the management and enforcement of the core components of the Company Enterprise Information Security Program in the efforts to ensure the security and compliance of the company's infrastructure and critical assets. Will be responsible for partnering with team members across the company to ensure the policies and procedures exist and are effectively executed and enforced.
Responsibilities
-
Standardize and streamline annual and ad-hoc information security audits and assessments in compliance with SSAE-18 SOC2 and other requirements as necessary (NIST, ISO/IEC 27001)
-
Implement throughout organization security programs for Risk Management, Incident Management, Vendor Management, Business Continuity and Disaster Recovery.
-
Coordination of third parties to help complete the assessments when relevant
-
Own, manage and maintain Playvox's information security policies and procedures and assist with the related security awareness programs to both end-users and technical staff
-
Make management (including BoD) aware of their roles and responsibilities, and also informed on the status of the Information Security Management System
-
Assist in the monitoring and enforcement of compliance with security policies, programs and regulations
-
Assist with contract and vendor management processes and issues related to security requirements and projects
-
Oversee the development, evaluation, and implementation of governance and compliance and processes to mitigate cybersecurity risk and ensure the protection of company assets and information
-
Research and interpret current and pending laws and regulations, industry standards and client and vendor commitments to understand and communicate compliance requirements
-
Consult with business and technical leadership to ensure that data, processes, and technology are designed for data protection and compliance
-
Monitor investigations and documentation of information security compliance issues.
-
Develop guidance and assists the company in identifying, implementing, and maintaining information privacy policies and procedures in coordination with management, the Risk Committee, and the Legal department
-
Provide guidance to the products development team so that products conform to privacy-by- design and information security principles
-
Review and advise software development to maintain associated risks under control, working with other engineering teams to deploy, maintain and update automatic security controls for the infrastructure and the CI/CD pipelines
-
Perform initial and periodic privacy impact analyses and information privacy risk assessments
-
Investigate and resolve privacy incidents related to customer personal data
-
Review prospective vendor to understand and vet their data collection practices
-
Review and revise terms of use and privacy policies
-
Assist with responding to compliance audits, questionnaires, and/or reviews conducted by Company's clients any internal audits or reviews conducted (including implementing, facilitating or monitoring any necessary resulting corrective actions to ensure completion)
-
Assist with preparing status reports and other leadership updates and collecting program metrics
-
Build a strategic and comprehensive privacy program to minimize risk and ensure the confidentiality of protected information.
-
Own and manage the Security Awareness program across all Playvox and for key areas like the development teams
-
Research via different sources for security news and updates (Security patches, data breaches, threats) in order to maintain continuous awareness for all the organization and take the necessary actions in case of customer or vendor security incidents or breaches
-
Lead the vulnerability management program, including application and infrastructure penetration tests and periodic vulnerability scans
-
Lead the IT Support team, to support Playvox operations in different locations
Required Skills
Understand information security concepts such as Security Architecture and Design, Data Governance, Information Security Standards and Risk Assessments-
Knowledge, expertise and experience on Privacy regulations as GDPR, US Privacy Laws and others like Australian Privacy Principles, Colombian Data Protection.
-
Translate security control language into a natural human language to aid in speed and accuracy of implementation
-
Experience working with senior stakeholders across product and technology to build integrated roadmaps.
-
Work with engineering and IT teams to implement controls into the Software Development Life Cycle.
-
Experience implementing compliance programs in multi-regional cloud environments.
-
Deep Cloud (AWS and GCP) knowledge and/or certifications advantageous to work in a fast paced engineering organization.
-
Possess knowledge of common information security and privacy frameworks, such as ISO/IEC 27001:2013/2022, PCI-DSS, SSAE 18 SOC 2, HIPAA, CCPA/CPRA,NIST, etc.
-
SPANISH LEVEL: Upper Intermediate or Higher - Highly Desirable
-
ENGLISH LEVEL: Proficient
-
Perform process development, consolidation, and optimization at an enterprise level
-
Excellent troubleshooting and analytical skills required
-
Bachelor's degree in Computer Science, Management Information Systems (MIS) or equivalent experience
-
Desired certifications include those such as (ISC)2 CISSP, ISACA CISA, ISACA CISM or equivalent
-
Excellent customer service, organizational, interpersonal and communication skills
-
Ability to prioritize and complete multiple tasks in a fast-paced, technical environment
Playvox is committed to creating an inclusive employee experience for all. We firmly believe that diversity is how we achieve our mission and grow our business.