Zoom is growing at an explosive pace by every measure – revenues, people, innovation, and customers. Led by Eric S. Yuan, the #1 ranked CEO on Glassdoor, our unique culture makes Zoom an awesome place to work. We are expanding teams across the organization. If you are motivated by delivering happiness, come join us at Zoom!
This role will be primarily responsible for planning, executing and driving to completion customer-facing security and compliance projects, including customer security questionnaires and audits. The ideal candidate will have experience in the software/technology industry; strong organizational skills (plan development and progress oversight); technology project management experience; and outstanding written and verbal communication skills. You must be able to work with various organizations and stakeholders including Security, Sales, Cloud Operations, Product Development, Privacy and Compliance to coordinate timelines and deliverables for multiple projects simultaneously. You will also be responsible for helping to implement and institutionalize Compliance Group methodologies and processes.
- Coordinating and managing Zoom customer-facing tasks and requests, including:
  - Completing, reviewing and/or editing security, risk and/or compliance questionnaires, RFPs/RFIs and contracts;
  - Planning, scheduling and managing customer audits and/or risk assessments (remote and onsite);
  - Scheduling, participating in and leading meetings with customers and prospects to discuss Zoom’s security and/or compliance posture, as well as address any questions related thereto;
  - Reviewing contractual requirements related to security and compliance;
  - Responding to external and internal requests for information related to data security, data protection, and Zoom compliance regulations.
- Managing and updating content database of customer-facing responses. Striving to ensure that customers have the right information. This information must be customer-facing and must be presented clearly and concisely.
- Producing high-quality detailed documentation for internal and external parties, while managing sensitive or confidential information.
- Project management.
- Contributing to updates and origination of Zoom compliance policies and procedures.
- Reviewing compliance requirements and translating them into actionable requirements.
- Collaborating with cross-functional groups such as sales, legal, security, marketing, customer advocacy, operations, and product engineering to enhance processes.
- Recognizing opportunities for addressing issues, risks, and exposures.
- Working with stakeholders to ensure that compliance considerations can be incorporated without disruptions to innovation.
- Management and coordination of various security and/or compliance projects, as directed by the Zoom Head of Compliance.
- Maintaining current knowledge of applicable federal and state laws and accreditation standards, and monitoring advancements in compliance technologies to ensure organizational adaptation and compliance.
- Periodically revising the compliance program in light of changes in laws, regulatory or company policy.
- Internal due diligence risk assessments on Zoom’s vendors.
- Internal auditing:
  - Conducting and managing internal audits in line with the business, customer and management system requirements;
  - Determining audit scope and developing audit execution plans;
  - Liaising with external parties, coordinating and facilitating audit activities;
  - Effective management of corrective and preventive action plans;
  - Creating, reviewing and scheduling audit cycles with respective business owners;
  - Performing testing of internal controls and conducting reviews of internal controls to assess the effectiveness of current internal controls.
- Bachelor’s degree or relevant experience in technology project management;
- 3-5+ years of experience in a technology project management capacity;
- Superior written and verbal communication skills, with a keen eye for detail;
- Proven ability to quickly learn and understand complex topics;
- Understanding of technical cybersecurity concepts;
- Previous experience writing documentation and procedural materials for multiple audiences;
- Driven, motivated self-starter with the ability to work independently;
- Working knowledge of and experience with the following compliance frameworks: NIST, ISO, SSAE SOC 2;
- Auditing/cybersecurity/compliance background;
- Experience working DIRECTLY with Sales;
- Experience managing security projects and technology implementations;
- Ability to work both independently and in a team-oriented, collaborative environment;
- Ability to work extended or non-traditional hours on occasion to support emergency situations.