This role will assist in the management of all aspects of corporate compliance and risk management, third-party vendor management, and operational monitoring to ensure that the organization’s Information Security policies and procedures are implemented and well documented, and that compliance issues are identified and remediation plans formalized in a timely fashion. Additionally, incumbents will perform internal reviews and develop risk management strategies to avoid non-compliance.

At Verifi, you will be part of a dynamic environment that supports interdepartmental collaboration, fuels creativity and provides you with an opportunity to take ownership and play an intricate part in our company’s success.

You will work alongside the brightest and most remarkable individuals in the industry and you will have an immediate impact on our aspirations for global domination and disruption of the payments space.   And you will do all this, while challenging your career, giving back to the community and creating new friendships.

Join Verifi and you join the leader in the eCommerce marketplace for payment and risk management.

You’ll responsibilities include:

• Independently evaluates and analyzes issues or recommendations for improvements in processes to mitigate risks and bring programs and operations into compliance with the goals and objectives of the Corporate Compliance Program and communicates results to management and other key stakeholders.
• Takes a lead role in the development and execution of the internal IT compliance testing program. This includes: risk assessments, internal IT controls and compliance reviews; and remediation testing of issues identified during third-party assurance reviews or internal assessments.
• Serve as company representative with clients and partners, responding to security questionnaires and managing audits
• Continually reviews and improves the risk assessment methodology, process, and procedures.
• Assists in developing and administering ongoing IT compliance monitoring and governance activities.
• Advises internal business clients on the effectiveness of corrective action plans in the event of non-compliance or detected vulnerabilities in their environment.
• Contributes to various project requests from functional teams to increase operational efficiency, strengthen IT environment, and help meet the company’s internal and external regulatory or compliance requirements.
• Serves as subject matter expert on various special projects, risk assessments, and initiatives within the organization
• Leads the annual Business Impact Assessment and Business Continuity Planning process
• Performs ad-hoc compliance requests or additional duties as assigned
• Will be required to be available for after-hours and weekend on-call if needed; periodic travel may be required

You bring to the table:

• BS, BA in Information Technology, Computer Science or other related Business/Technology/Analytical studies
• 6+ years of experience in IT compliance, security, internal controls or risk management
• Prior experience conducting internal and external risk assessments and providing guidance to functional teams with the implementation, monitoring, and reporting of control processes, documentation, and compliance measures and / or remediation items and implementing and enforcing policies and procedures
• Extensive regulatory Compliance experience with PCI/DSS, Sarbanes-Oxley, HIPPA, FISA, or similar
• Experience interpreting industry and regulatory requirements and authoring supporting controls.
• Experience performing third party assurance assessments
• Excellent client relationship and customer service skills, with a clear client focus
• Strong project management skills
• High degree of independence and exceptional work ethic with a team player attitude and a solution oriented mind
• Familiarity with core IT Technologies such as data backup, retention, and recovery, network systems, firewalls, intrusion detection systems, VPNs, network account access, and network monitoring systems
• Experience working in 24/7 operational environments
• Exceptional interpersonal, written and oral communication skills

Additional considerations, include:

• Prior experience leading an AT 101 SOC 2 examination
• Working knowledge of global laws and regulations such as EU Directive 95/46/EC, UK DPA, GDPR, or Privacy Shield
• CISSP, CISA, CISM, CRISC, CPP(ASIS), ISO 27001 Lead Auditor, or similar certification
• Understanding of financial and payment card processing industries
• Proficiency in Linux and Windows server

We are located in Los Angeles and offer:

• Dynamic, stimulating and open environment with opportunity for personal development.
• Health Insurance (Medical, Dental, Vision) Life Insurance, 401k with match, Paid Time Off, and Paid Holidays
• Paid parking and complimentary food
• Socially conscious and community oriented company
• Energized employment filled with activities and events
• Competitive base Salary, plus bonus, and stock options