Information Security Compliance Program Manager
At Skillsoft, we are all about making work matter. We believe every team member has the potential to be AMAZING. We are bold, sharp, driven and most of all, real. Join us in our quest to democratize learning and help individuals unleash their edge.
Skillsoft is seeking a Program Manager to manage and coordinate information security and data protection projects for the companys SaaS products and internal Information Technology infrastructure and applications. The candidate will manage and coordinate various security programs to ensure regulatory adherence, responsible for developing security and privacy programs to ensure the integrity of PII and security of information systems.
The Program Manager will work closely with Skillsofts Legal, Product, Cloud Delivery, Business Applications, Marketing and Information Technology organizations on a day to day basis and will act as the primary interface with external auditors during audit activities. In this role, you will be expected to manage Skillsofts cyber policy implementation and risk assessment, including continuous monitoring, core risk management, and development of sector-oriented policy frameworks, such as FedRAMP, SOC 2, NIST, and additional standards as demanded by Skillsofts customers and partners.
This role reports to Skillsofts Chief Information Security Officer.
- Manage and coordinate Skillsofts information security risk and compliance efforts.
- Conduct data analysis to inform cyber risk. Create cyber risk assessment process for change management and third-party vendor review, covering vulnerability management, incident response, security tool assessment and maintenance.
- Assist Skillsoft through FedRAMP assessment and authorization.
- Lead Skillsofts use of NIST Common Security Framework to measure and maintain the maturity of the companys security program.
- Develop internal compliance policies and procedures and manage companywide adherence and training.
- Assist the RFP/RFI team with Security aspects of proposals.
SKILLS & QUALIFICATIONS:
- Direct experience and demonstrable expertise in the field of IT security within the US
- Experience with Fed/DoD sector is a plus
- Experience with audit and risk management frameworks, such as SSAE 18 SOC-2, NIST800-53, and PCI DSS
- Experience with SaaS product delivery
- Experience with AWS is an advantage
- Ability to collaborate cross-functionally with Product, Engineering teams and IT
- Strongly prefer candidates who hold one or more security certifications, CISSP preferred, and be extremely familiar with IT security both inside and outside of U.S. corporations and SaaS product delivery
Personally Accountable for Team Success. We unleash our edge together.
Confident Achievers. We are bold.
Intellectually Curious. We are sharp.
Adaptable, Agile & Resilient. We are driven.
Customer First. We are real.
MORE ABOUT SKILLSOFT:
Skillsoft delivers online learning, training, and talent solutions to help organizations unleash their edge. Leveraging immersive, engaging content, Skillsoft enables organizations to unlock the potential in their best assets their people and build teams with the skills they need for success. Empowering 36 million learners and counting, Skillsoft democratizes learning through an intelligent learning experience and a customized, learner-centric approach to skills development with resources for Leadership Development, Business Skills, Technology & Development, Digital Transformation, and Compliance.
Skillsoft and SumTotal are partners to thousands of leading global organizations, including many Fortune 500 companies. The company features three award-winning systems that support learning, performance and success: Skillsoft learning content, the Percipio intelligent learning experience platform, and the SumTotal suite for Talent Development, which offers measurable impact across the entire employee lifecycle. Learn more at www.skillsoft.com.
Thank you for taking the time to learn more about us.
If this opportunity intrigues you, we would love for you to apply!
NOTE TO EMPLOYMENT AGENCIES: We value the partnerships we have built with our preferred vendors. Skillsoft does not accept unsolicited resumes from employment agencies. All resumes submitted by employment agencies directly to any Skillsoft employee or hiring manager in any form without a signed Skillsoft Employment Agency Agreement on file and search engagement for that position will be deemed unsolicited in nature. No fee will be paid in the event the candidate is subsequently hired as a result of the referral or through other means.
Skillsoft is an Equal Opportunity-Affirmative Action Employer: It is the policy of Skillsoft Corporation to provide equal employment opportunities to applicants and employees without regard to race, color, national origin, citizenship, religion, sex, sexual orientation, age, marital status, disability (mental or physical), protected veteran status, genetic information or any other class protected by law.