Sr. Compliance Specialist
Responsibilities include, but are not limited to:
- Coordinating and managing Zoom customer-facing tasks and requests, including:
  - Completing, reviewing and/or editing security, risk and/or compliance questionnaires, RFPs/RFIs and contracts;
  - Planning, scheduling and managing customer audits and/or risk assessments (remote and onsite);
  - Scheduling, participating in and leading meetings with customers and prospects to discuss Zoom’s security and/or compliance posture, as well as address any questions related thereto;
  - Reviewing contractual requirements related to security and compliance;
  - Responding to external and internal requests for information related to data security, data protection, and Zoom compliance regulations.
- Managing and updating content database of customer-facing responses.
- Striving to ensure that customers have the right information. This information must be customer-facing and must be presented clearly and concisely.
- Producing high-quality, detailed documentation for internal and external parties, while managing sensitive or confidential information.
- Project management.
Other Responsibilities include, but are not limited to:
- Contributing to updates and origination of Zoom compliance policies and procedures.
- Reviewing compliance requirements and translating them into actionable requirements.
- Collaborating with cross-functional groups such as sales, legal, security, marketing, customer advocacy, operations, and product engineering to enhance processes.
- Recognizing opportunities for addressing issues, risks, and exposures.
- Working with stakeholders to ensure that compliance considerations can be incorporated without disruptions to innovation.
- Management and coordination of various security and/or compliance projects, as directed by the Zoom Head of Compliance.
- Maintaining current knowledge of applicable federal and state laws and accreditation standards, and monitoring advancements in compliance technologies to ensure organizational adaptation and compliance.
- Periodically revising the compliance program in light of changes in laws, or in regulatory or company policy.
- Internal due diligence risk assessments on Zoom’s vendors.
- Internal auditing:
  - Conducting and managing internal audits in line with the business, customer and management system requirements;
  - Determining audit scope and developing audit execution plans;
  - Liaising with external parties, coordinating and facilitating audit activities;
  - Effective management of corrective and preventive action plans;
  - Creating, reviewing and scheduling audit cycles with respective business owners;
  - Performing testing of internal controls and conducting reviews of internal controls to assess the effectiveness of current internal controls.
- Bachelor’s degree or relevant experience in technology project management;
- 3-5+ years of experience in a technology project management capacity;
- Superior written and verbal communication skills, with a keen eye for detail;
- Proven ability to quickly learn and understand complex topics;
- Understanding of basic cybersecurity concepts;
- Previous experience writing documentation and procedural materials for multiple audiences;
- Experience managing security projects and technology implementations;
- Ability to work both independently and in a team-oriented, collaborative environment;
- Ability to work extended or non-traditional hours on occasion to support emergency situations;
- Familiarity with compliance and security frameworks preferred (e.g., SOC 2, NIST 800-53, ISO 27001).