At Veeva, we build enterprise cloud technology that powers the biggest names in the pharmaceutical, biotech, consumer goods, chemical & cosmetics industries. Our customers make vaccines, life-saving medicines, and life-enhancing products that make a difference in everyday lives. Our technology has transformed these industries, enabling them to get critical products and services to market faster. Our core values, Do the Right Thing, Customer Success, Employee Success, and Speed, guide us as we make our customers more efficient and effective in everything they do.
As the Manager of Risk and Compliance, you will be responsible for monitoring company risk and helping to ensure compliance with changing regulation and legislation. You will be responsible for monitoring compliance with security standards, internal periodic security maintenance, internal security audits, third-party security assessments, and coordinating external annual audits. You will foster a compliance culture throughout Veeva, communicating effectively and building positive relationships with other Veeva teams.
What You'll Do
Coordinate, monitor, and review annual audits by third-party assessors (ISO27001, ISO27017, ISO27108, SOC2 Type 2, HIPAA, HiTrust)
Monitor changes to core standards such as NIST 800-53, NIST 800-64, NIST 800-37 and others
Build an internal audit evidence collection framework, focused on automation first
Manage the security risk profile and scores
Monitor compliance with Veeva policies and procedures
Identify policy and process improvement opportunities, develop recommendations, and communicate with stakeholders in a collaborative manner
Advise management on risk and control issues and provide practical recommendations to ensure risks are appropriately managed
Lead in recruiting, supervising, training, and evaluating the performance of staff auditors
Represent the Security team in customer-facing audits
5+ years of relevant internal audit and/or compliance experience
Experience with ISO27001, ISO27017, ISO27018, SOC2 Type 2, HIPAA, HiTrust, NIST
Experience as a people manager with a focus on associate development
Strong oral and written communication skills
Ability to form working relationships with both internal and external stakeholders
Ability to work independently or as a member of a team
Nice to Have
CISA, CISSP, CIA or other professional certification
Experience building automated processes
Perks & Benefits
Healthy, free, provided lunches and snacks every day
Allocations for continuous learning & development
Discounted gym membership
Veeva's headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.
Veeva is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristics protected by local laws, regulations, or ordinances.