Security Policy, Risk And Compliance Manager

Facebook, Menlo Park, CA 94025

Posted 1 week ago

The Security Policy, Risk and Compliance Manager will be someone who has a passion for leading a team that evaluates Information Security risk to inform pragmatic policy, standards, and guidelines. This person will also be responsible for helping to design and iterate on security controls to address these risks in a way that helps empower and maintain Facebook's culture of rapid innovation.

In this role, you will stay informed about the dynamic regulatory landscape, industry trends and internal operations, and will communicate and drive delivery of innovative solutions for compliance at scale. This position requires a mix of broad business and technical acumen with strong people-management skills, the ability to inspire and influence decisions around security risk management, and a polished ability to communicate with key executives, external regulators, and the public.

SECURITY POLICY, RISK AND COMPLIANCE MANAGER RESPONSIBILITIES

  • Lead, build, retain, and develop a team of Information Security professionals that are passionate about identifying, assessing, and mitigating security risk while empowering Facebook's rapid innovation and growth.
  • Support the team to develop and communicate policies, procedures, guidelines, and plans to internal stakeholders regarding security and risk management.
  • Create robust, scalable programs to deliver policy and compliance objectives in product areas and general technical infrastructure.
  • Design, implement, maintain, and improve programs to address key company risks and prepare internal teams for independent assessments against a wide variety of regulatory and compliance frameworks.
  • Find practical solutions to standardize and scale across Facebook.
  • Provide robust assurance of the operational effectiveness of our compliance controls.
  • Define metrics to track program progress and maturity for various stakeholders.
  • Improve controls for internal systems, processes, and policies.
  • Collaborate with internal teams and external auditors throughout compliance assessments.
  • Understand technical implementation details necessary to assess general and situational Information Security risk.
  • Responsible for the development and oversight of required mitigation plans relating to information security risk and policy exceptions.

MINIMUM QUALIFICATIONS

  • B.S. in computer science or equivalent experience.
  • 8+ years of experience in global security policy and risk management.
  • 3+ years of people management experience.
  • Experience in Information Security policy development and risk management at tech companies.
  • Knowledge of pragmatic security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc.
  • Demonstrated leadership experience working and communicating at executive levels.
  • Experience developing and producing security metrics and reports that are meaningful and actionable across various audiences.
  • Conceptual, critical thinking, and sound judgment with strategic orientation and experience performing tactically.
  • Experience providing technical knowledge appropriate to delivery of security protections.
  • Experience in technical concepts similar to cloud computing environments: logical access control, agile development process, secure coding principles, security architecture, information security, network security, and privacy.

PREFERRED QUALIFICATIONS

  • Ability to influence across all levels of the organization.
  • Excellent project management skills.
  • Eagerness to learn new things and discover emerging and new data trends.
  • Great attention to detail with excellent leadership and problem-solving skills.

Facebook's mission is to give people the power to build community and bring the world closer together. Through our family of apps and services, we're building a different kind of company that connects billions of people around the world, gives them ways to share what matters most to them, and helps bring people closer together.

Whether we're creating new products or helping a small business expand its reach, people at Facebook are builders at heart. Our global teams are constantly iterating, solving problems, and working together to empower people around the world to build community and connect in meaningful ways. Together, we can help people build stronger communities; we're just getting started.

Facebook is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at accommodations-ext@fb.com.


