Director of Governance, Risk and Compliance (GRC)
- Remote - United States, Canada, Europe
HAProxy Technologies is the company behind HAProxy, the world’s fastest and most widely-used software load balancer. Organizations rapidly deploy HAProxy products to deliver websites and applications with the utmost performance, observability and security at any scale and in any environment. HAProxy Technologies is headquartered in Waltham, MA, with multiple offices across the US and Europe.
The (GRC) Director’s primary role will be to establish best in class Security, Risk & Privacy programs and policies that will safeguard the company and its partners.
Develop, enhance, operationalize enterprise-level security, risk and privacy policies, processes and controls to mitigate risk and comply with applicable laws and regulations
Collaborate with key stakeholders to review projects, business critical systems and related data to ensure compliance with data privacy laws, and if necessary, perform and advise on privacy impact assessments
Complete ownership and responsibility to answer privacy questionnaires and client required privacy information. Coordinate, conduct and act as primary contact for all internal and external audits (privacy, security & compliance)
Lead the development and ongoing management of privacy programs across the company across all locations / jurisdictions
Implement measures and a governance framework to manage data use in compliance with laws and regulations, including developing templates for data collection, assisting with data mapping, and vendor management reviews
Identify, track, monitor and report on privacy controls and all applicable Data Privacy requirements. Provide recommendations to stakeholders when appropriate
Responsible for the regulatory training of all employees and contractors
An compliance-minded leader that has a strong sense of integrity and the ability to balance business interests with the need for compliance standards.
Bachelor’s degree in the IT/Technology or legal field
5+ years of experience in Information Security and/or Data Privacy Compliance positions
Expertise in compliance standards, eg. ISO27K, SOC1/2, SSAE 16, NIST CSF and PCI DSS
Strong understanding of data privacy regulations eg. CCPA, GDPR, HIPAA, PIPEDA, UK DPA and Privacy Shield
Strong understanding and experience in enabling GRC solutions and common control framework for data regulations
Certification(s) Preferred: Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT), CISA, CISM
Excellent project management and process improvement skills
Ability to work independently in a fast-paced environment and handle multiple complex & confidential tasks
Excellent communication, interpersonal skills and attention to details & deadlines
Knowledge of standards NIST, COBIT, SABSA, is an asset
Past experience in GRC/privacy based role for a SAAS company is an asset
Experience with WAF, Application or Content Delivery Networks is an asset
Knowledge of Business Continuity Planning, is an advantage
We’re a unique collection of talented and passionate people with a shared vision of simplifying the complexity of modern application architectures. In order to meet our ambitious goals, we need to scale our governance, risk and compliance team to accommodate our growing product lines and customer requirements. Under the direction of the VP of Operations, the Director of Governance, Risk and Compliance (GRC) will be responsible for developing, implementing, and operating the Company’s Information Security, Risk & Privacy Program in accordance with all applicable laws, rules and regulatory requirements. We are looking for talented and passionate individuals who have that Whatever It Takes attitude.
This is a full-time, remote role for candidates located in the United States, Canada or Europe.
Wherever you are located, we put our employees and their families first by offering top of the line health and wellness coverage.
Being on the cutting edge of technology, employees have great opportunities to upskill and learn a vast array of technologies. Our goal is to promote your professional development and help you progress along one of our multiple career paths.View other open positions >