Compliance Program Manager

Summary

Join Fivetran as a Compliance Program Manager and lead the planning and execution of audits evaluating the effectiveness of IT, financial, and operational controls. You will assist in implementing and maintaining compliance frameworks like HITRUST and FedRAMP. This full-time, remote US-based role requires experience in security and IT audits, risk management, and working with cloud technologies. Advanced security risk or audit certifications are required, and leading cybersecurity certifications are preferred. You will collaborate with various teams and stakeholders to ensure timely execution of audit work and communicate results effectively. Fivetran offers competitive compensation and benefits, including 100% employer-paid medical insurance, generous PTO, RSU stock grants, and professional development opportunities.

Requirements

• Experience in Security Audit, IT audit, and risk management processes, and managing a control framework
• Knowledge of, or experience working with, Cloud technologies/environments, such as GCP, AWS, and Azure
• Experience in using a GRC tool
• Team player who takes initiative and works constructively with others to achieve team goals
• Project management and organization skills, including attention to detail
• Understanding in compliance frameworks: NIST, ISO, SOC, PCI-DS, NIST 800-53, HITRUST
• Advanced security risk or audit certifications are required

Responsibilities

• Lead the planning and execution of audits that evaluate the adequacy and effectiveness of information technology/security, financial and operational control activities to develop recommendations for the correction of control deficiencies and improvements in operational efficiencies
• Assist in the implementation of new frameworks (HITRUST, FedRamp) and after in place will maintain and monitor the framework to ensure Fivetran is in compliance
• Leads team members in the preparation and review of audit reports to ensure accuracy and quality of recommendations
• Independently communicates results with all levels of management
• Performs complex analysis in order to gain insight to make appropriate recommendations to management
• Coordinate with co-source providers, external auditors, internal leaders, and process owners to ensure engagement and timely execution of audit work
• Acts as a subject matter expert within specific responsibility area(s) and applies internal audit best practices and keeps current with applicable rules and regulations for security compliance standards, as well as any authoritative pronouncements issued by relevant governing bodies
• Acts independently to plan, lead and execute audits designed to test and evaluate the Company's security and IT internal control processes
• Understands technology concepts, operating process flows, identifies areas of risk (both IT and business), and develops value added solutions that mitigate risk and enhance operational performance
• Responsible for compilation and presentation of audit reports

Preferred Qualifications

Leading cybersecurity certifications are preferred

Benefits

• 100% employer-paid medical insurance
• Generous paid time-off policy (PTO), plus paid sick time, inclusive parental leave policy, holidays, and volunteer days off
• RSU stock grants
• Professional development and training opportunities
• Company virtual happy hours, free food, and fun team-building activities
• Monthly cell phone stipend
• Access to an innovative mental health support platform that offers personalized care and resources in areas such as: therapy, coaching, and self-guided mindfulness exercises for all covered employees and their covered dependents