Data Security Services Compliance Manager - Remote Eligible

Data Security Services Compliance Team Leader

Entrust is seeking an experienced individual to support our Data Security Services (DSS) Compliance team, as it relates to leading projects and assessments in support of industry compliance frameworks (e.g., WebTrust for CA (WTCA) and other applicable standards). This role involves monitoring, auditing, coordinating and improving compliance processes to mitigate risks and ensure the highest standards of DSS product integrity and safety. This position functions as part of a Product Management Compliance team responsible for ensuring that the suite of DSS products meet or exceed industry standards, enhancing them over time to become best in class and a competitive sales advantage. This position demands an organized, action-oriented team player with the ability to prioritize daily work and support multiple initiatives simultaneously; strong communication and customer focus (both internal and external) is required.

Responsibilities:

• Ensure Entrust’s Public Key Infrastructure Certificate Authority (PKI CA) products meet applicable compliance frameworks, customer contractual requirements, and emerging standards across multiple communities of trust.
• Provide support as needed to ensure that other DSS products remain in compliance with the applicable frameworks, regulatory requirements and customer contractual requirements for each.
• Escalate compliance issues that arise in production service environments to the Entrust Policy Management Authority (EPMA) while maintaining on-going ownership of the issues and supporting PA/EPMA direction through issue resolution.
• Facilitate external auditor engagements, organize required compliance evidence, schedule required resources, submit required reports, and manage audit timelines.
• Closely monitor and advise product and development teams on regulatory priorities and emerging PKI use cases from multiple communities of trust (e.g., financial services, healthcare, government).
• Feedback and monitor requirements and/or requirements change for each community of trust to the internal teams, ensuring alignment with Entrust’s compliance strategy.
• Represent Entrust and take the lead on standards body engagement, as directed.
• Make recommendations and follow-up to mitigate compliance risks and drive continuous improvement.
• Oversee and drive the end-to-end operational security compliance and audit programs for WTCA and other applicable frameworks.
• Review and make recommendations on operational procedures to ensure they efficiently and effectively comply with all relevant requirements.
• Contribute applicable metrics to product compliance scorecards.
• Facilitate timely identification, communication, and recommended resolution of compliance risks.
• Serve as the internal and customer-facing subject matter expert on compliance frameworks (including WTCA and others).
• Advise customers and internal stakeholders on best practices, compliance, and audit processes across multiple standards.
• Proactively understand control best practices across WTCA and other frameworks and advocate for adoption of these internally at Entrust.
• Assist with other audits and compliance activities relating to DSS product compliance, as requested.
• Manage project document repository; maintain strict deadlines and positive vendor/customer relationships.
• Gather feedback from customers, partners and other relevant external entities and provide that to the Product Managers for consideration as possible future service enhancements.

Basic Qualifications:

• Associate or bachelor’s Degree
• 5+ years of security compliance or audit experience with various compliance frameworks (e.g., WTCA, Netsec)
• Ability to work in fast-paced environment, multi-task and prioritize
• Strong Governance, Risk Management and Compliance process experience
• Ability to work cross functionally with leaders and team members across time zones and continents
• Experience with internal controls, risk assessments, business processes and internal IT control testing or operational auditing
• Excellent writing, analytical and problem-solving skills
• 10% travel requirement

Preferred Qualifications:

• Security clearance or ability to obtain a security clearance
• Prior experience with one or more of the following frameworks: NIST, FedRAMP, ISO, SOC 2, A-SIT, Common Criteria, DORA, eIDAS, ETSI, and NIAP
• Working knowledge of Enterprise Networking concepts
• Basic project management experience.
• Relevant certifications such as Certified Regulatory Compliance Manager (CRCM) or similar