Logo
Penumbra, Inc.

IT Compliance Manager

Penumbra, Inc., Alameda, California, United States, 94501


The IT Compliance Manager will oversee Enterprise IT controls, processes, and transactions to ensure all relevant regulatory, legal, and internal compliance guidelines are followed. Specific Duties and Responsibilities: Develop the IT General Controls Framework, implement and manage an effective IT controls audit and compliance program for the enterprise across all domains of IT and manage cybersecurity risk to the business. Ability to self-audit with limited assistance from system or service owners across all IT domains i.e., Network, Cloud, IAM, Data, Application, IoT, IT and Security Operations/ Engineering. Partner with peer teams and business where necessary. Expected to be self-reliant on security audits, reviews, evidence retrieval. Engage with 3rd party auditors on testing/walk-throughs and address any security gaps. Create and manage effective action plans in response to audit discoveries and compliance violations. Partner with system owners on IT services audit outcomes, risk management and compliance reporting. Advise management on the company’s compliance with laws and regulations through detailed reports. Develop, and up-keep company IT security policies and procedures. Regularly audit company procedures, practices, and documents to identify possible weaknesses or risks. Ensure stakeholders are educated on the latest regulations and processes. Resolve business concerns about regulatory and legal compliance. Maintain positive rapport with IT teams, business, and auditors through effective communications. Develop, self-audit, manage, and oversee IT Controls across all domains of IT i.e., Network security, Cloud Security, Infrastructure security, End-point security, IAM, Data security, Endpoint security, Application security, IT/ Security operations, ensuring internal and regulatory compliance, working with peer teams to address any gaps and report on compliance. Adhere to the Company’s Quality Management System (QMS) as well as domestic and global quality system regulations, standards, and procedures. Understand relevant security, privacy and compliance principles and adhere to the regulations, standards, and procedures that are applicable to the Company. Ensure other members of the department follow the QMS, regulations, standards, and procedures. Perform other work-related duties as assigned. Position Qualifications: Bachelor's degree in computer science or related field with 10+ years of experience, or equivalent combination of education and experience 10+ years’ hands-on experience in developing, implementing, and managing enterprise IT audit, governance, and compliance framework is preferred Ability to develop ITGC framework, implement and manage audit, governance, and compliance across all IT domains i.e., Network, Cloud, IAM, Endpoint, Data, Applications and Operations Self-reliant and motivated, with expert level understanding of IT technology stack across Network, IAM, Endpoint, Data, Applications is required. Fully self-reliant, hands-on capability across IT technology stack across Network, Cloud, IAM, Endpoint, Data & Applications. Collaborate with system owners on an ad-hoc basis to seek clarification, review audit data, and rectify any identified gaps. Expert level knowledge of audit, governance, and compliance frameworks Expert level knowledge of cybersecurity risk management frameworks Strong knowledge of technology landscape, regulatory/legal requirements, and procedures Highly analytical with strong attention to detail. Strong oral, written, and interpersonal communication skills Proficiency with MS Word, Excel, and PowerPoint Excellent organizational skills with ability to prioritize assignments while handling various projects simultaneously Working Conditions: General office environment Willingness and ability to work on site. Potential exposure to blood-borne pathogens Requires some lifting and moving of up to 5 pounds Must be able to move between buildings and floors. Must be able to remain stationary and use a computer or other standard office equipment, such as a printer or copy machine, for an extensive period of time each day. Must be able to read, prepare emails, and produce documents and spreadsheets. Must be able to move within the office and access file cabinets or supplies, as needed. Must be able to communicate and exchange accurate information with employees at all levels on a daily basis. Starting Base Salary Is: $140,000/year to $180,000/year Individual compensation will vary based on factors such as qualifications, skill level, competencies, work location and shift, and will increase over time based on meeting performance and business needs.

#J-18808-Ljbffr