You are a passionate, proactive and professional individual with a positive and energetic “Let’s get it done!” attitude. You raise your standards to maintain a high level of ethics and accountability in your role, and managing multiple initiatives concurrently is no challenge to you. You enjoy working in a team towards shared goals, and you influence others without authority because you have great interpersonal skills and lots of knowledge to share. You are a strong promoter of process integration and automation for compliance needs, and you are able to guide your engineering colleagues to automate the needed processes (e.g. automated SDLC activity reporting, privacy by design) to reduce manual work and paper policies.
Qualifications:
- 10 years of relevant working experience with the practical implementation of compliance programs in an international environment
- Bachelor’s degree required; Master’s desired
- Professional certifications (e.g. CCEP, CIPP, CISA, CISM, CISSP) desired
- English, written and spoken
Business, product and industry knowledge:
- Cloud hosting, software as a service
- Agile/Scrum/SDLC working methods
- Banking laws and regulations
- Privacy laws and regulations
- Relevant security certification frameworks, e.g. SOC 2, ISO 27001, CSA, NIST
it's my job
THE JOB AT BACKBASE
- Design and implement a compliance program for a new banking as a service cloud hosted product to ensure Backbase successfully achieves and maintains SOC 2 Type II attestation
- Manage this program in alignment to SOC 2 and the central list of all applicable laws, regulations and internal policy
- Ensure knowledge and communication of Client contractual requirements against our program
- Manage and report our Risk Assessment and Treatment Program
- Create and contribute to building policy in regards to internal and external requirements (e.g. information security, data privacy, conduct, fraud, business practices, supplier risk management and assessment) and in line with business goals and objectives
- Ensure sufficient policy training is in place for the business and completed, e.g. information security awareness, privacy and health and safety initiatives
- Internal Audit reviews of adherence to all policy, recommended remediation, monitor controls
- Ensure security testing program is in place and has been performed per policy, scope and risk and remediation efforts are in line with business goals and objectives including client contractual requirements
- Ensure annual table-top testing is performed - response policies (e.g. BCM, DR, Incident Management) are in place and effective
- Reporting Compliance and Risk Profile to executive management and board members
- Keep up with industry regulatory changes in line with compliance program and BB business goals and objectives
- Manage compliance related projects to meet specific policy or regulatory requirements and prepare for upcoming audits
- Ensure annual policy reviews are performed and align with business objectives
- Maintain critical supplier risk assessment program
- Assist when needed with RFP and vendor assessment responses
- Closely work with Legal on data protection and privacy related topics
Use your yearly training budget to polish your skills. Join one of the knowledge-sharing breakfasts to discover more or come to a guild meeting to share ideas.
a global community
With 60+ nationalities working side-by-side in 9 offices around the world, Backbase is a place where you can work on projects with people from all over the world.
pride and fun
We take pride in our achievements and we love to celebrate them. We host a variety of parties, celebrations, team outings, games nights and office drinks in all our global hubs.
We leave when our clients are happy. Not a day earlier. This committed way of working has won over a lot of our clients’ hearts. This isn’t our first rodeo.
join us to
This is the place you need to be… We want to know you and your skills.