• Senior, Compliance & Controls

    Location US-Remote
    Job ID
    1-38721
    Category
    Information Technology - All Openings
    Pos. Type
    Full Time
  • Company Overview

    At Nuance, we empower people with the ability to seamlessly interact with their connected devices and the digital world around them. We are creating a world where technology thinks and acts the way people do by designing the most human, natural, and intuitive ways of interacting with technology.

    Our nimble technology uses analytics and advanced algorithms to transform the inanimate into animate and reduce complicated processes into simple ones.

    The Nuance Global IT team is focused on supporting the company and employees with technical solutions and expertise that help the business run more efficiently, ensure security and data privacy, and support new IT infrastructure initiatives that drive innovation. Our team is composed of problem solvers with constant curiosity and different perspectives who love to collaborate to transform and rethink IT.

    Job Summary

    Responsibilities:

    The Compliance & Controls Senior is responsible for supporting the development, enforcement, and maintenance of compliance programs for the Nuance Enterprise Cloud Products. This includes responsibilities associated to Enterprise Cloud compliance programs, policy development/management/compliance, pre-sales support and audit management.

     

    • Lead compliance efforts in industry standards and regulatory compliance with ISO 27001/27002, Cloud Security Alliance, GLBA, SOX, PCI DSS, NIST, SOC, HIPAA, HITRUST, Medicare Part D, FISMA, FedRAMP, etc.
    • Participate in the broader Information Security governance process with Nuance Corporate and Divisional Security leaders, including risk management & mitigation, corporate compliance and policy management & compliance.
    • Lead internal and external audits, facilitate customer-driven and 3rdparty security audits/assessments.
    • Work closely with customers and vendors to ensure operational and reporting needs are met.
    • Ensure client and vendor contractual compliance is maintained.
    • Provide pre-sales support for Enterprise products/services.
    • Identify New Technologies / Automation Methods for Compliance Performance & Management.
    • Conduct Ad-Hoc Process / Efficiency Reviews as needed.
    • Support M&A and ITGC integration activities as needed.
    • Proactively assess the availability, integrity, confidentiality, and privacy of all customer and business data.
    • Review risks, threats, vulnerabilities and the development of remediation plans in partnership with Legal, IT, Operations and other relevant groups. 
    • Lead compliance processes and reviews.
    • Communication of the company’s security stance, including compliance issues, risks, and incidents to upper management and customers.
    • Consults on other types of security (e.g., security architecture, secure development lifecycle, physical and environmental security issues) as needed. 

    Qualifications:

    Number of Years of Work Experience: 

    • At Least 5 Years; Information Systems audit or related Information Security experience.
    • Big-4 experience and/or Program Management/IT Project Management and technical related experience a plus. 

    Required Skills:

    • Knowledge and experience specific to managing and reporting internal controls and financial requirements of the Sarbanes Oxley Act.
    • Must be knowledgeable about ISO/IEC standards and PCI requirements, prior work experience in a PCI-compliant environment strongly preferred.
    • Must be knowledgeable of ISO 27001/27002, Cloud Security Alliance, GLBA, SOX, PCI DSS, NIST, SOC, HIPAA, HITRUST, FISMA, FedRAMP, Medicare Part D program and other regulatory compliance requirements and have in-depth experience working with these requirements.
    • CISSP, CISA or CISM, additional GIAC certifications a plus or ability to retain one of the designated certifications within 12 months of hire.
    • Prior policy development and enforcement experience in a regulated environment.
    • Prior experience with business continuity planning and testing, auditing and risk management, as well as contract and vendor negotiations.
    • Experience with software development/QA life cycle (SDLC), Cloud/SaaS experience preferred.
    • Knowledge of complex application, network, virtual environment security, and systems operations.
    • Ability to relate business requirements and risks to policy and technology implementation.
    • Knowledge of risk assessment and remediation procedures
    • Proven ability to manage projects and implementations across organizations.
    • Ability to effectively interface with technical staff.
    • Strong interpersonal skills with the ability to deal effectively with people at all organizational levels and external vendors.
    • Strong project management and time management skills, ability to manage through ambiguity and be confident and effective in high-pace/high-demand environments.
    • Technical skills in related Information Technology discipline
    • Ability to work independently with limited supervision.  
    • Excellent oral and written communications skills with the ability to prepare and deliver concise, understandable reports and presentations.

    Preferred Skills:

    Certifications:

    • Certified Information Systems Auditor (CISA)
    • PCI Professional Qualification (PCIP) or PCI Internal Security Assessor (PCI-ISA)
    • Certified Internal Auditor (CIA)
    • CISSP/CISM/CISA/CIPP

    Education: 4 Year / Bachelors Degree; Computer Science, Management Information Systems, Information Technology, Accounting or a related discipline.  Must demonstrate relevant experience and professional maturity.

     

    Additional Information

    Nuance offers a compelling and rewarding work environment. We offer market competitive salaries, bonus, equity, benefits, meaningful growth and development opportunities and a casual yet technically challenging work environment. Join our dynamic, entrepreneurial team and become part of our continuing success.  

     

    Nuance Communication Inc.  is an equal opportunity employer.  We evaluate qualified applicants without regard to race, age, color, religion, sex, national origin, disability, veteran status, gender identity, sexual orientation and other legally protected characteristics. The EEO is the Law poster and its supplement is available here. If you need a reasonable accommodation because of a disability for any part of the employment process, please call 781-565-5086 – Human Resources Department and let us know the nature of your request and your contact information.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.