Senior Manager, Enterprise Risk

Summary

Join FloQast's growing InfoSec & Compliance department as a Senior Manager, Enterprise Risk. This role involves collaborating with various teams to assess, manage, and mitigate risks across the organization. You will design and implement compliance with FloQast's risk management requirements, manage risk-related elements, and advise key personnel. The position requires significant interaction with all departments to coordinate risk management activities for audits and regulatory reviews. You will play a fundamental role in shaping the future of risk management at FloQast. Visa sponsorship is not available.

Requirements

• Bachelor's degree
• 7+ years of experience working in compliance, policy, risk management or a related field, with SaaS experience required
• Highly collaborative, detail-oriented, intellectually curious, with strong organizational skills and an authentically friendly demeanor
• SOC 1 and SOX Compliant Risk Assessment Experience
• Builder mindset, comfortable sharing ideas, trying new approaches and is focused on achieving team and company short and long term goals
• Flexible and adaptable in high growth, start-up environment
• A sound understanding of qualitative and quantitative risk assessment, measurement, and treatment methodologies
• Experience managing risk programs in at least one of the following domains: enterprise/executive, product, project / major business initiative, security / IT
• Familiarity with standard business processes of exposure-limiting functions such as Legal, Information Security, Human Resources, and Finance

Responsibilities

• Conduct, oversee, and integrate risk assessments across multiple domains, including Finance, Legal, R&D, and Information Security
• Oversee SOC 1 controls throughout the product’s evolution and growth, including supporting escalated audit questions and policy updates, facilitating product roadmap reviews and evaluating product changes for compliance impacts, responding to customer questions about the SOC 1 report, and working with the product team to incorporate new SOC 1 controls in a planned and strategic manner
• Develop a close partnership with control owners to review and provide risk-appropriate control requirements for organizational changes that impact FloQast’s compliance requirements
• Gather and scale data to interpret risks across FloQast’s entire organization
• Run calculations, escalate issues to the correct departments, and actively participate in collaborative meetings to provide innovative solutions to issues
• Identify risk trends through external research and monitoring of regulatory priorities and customer & market sentiment
• Be innovative and always think about ways to reduce manual processes. Partner with various automation teams to drive automated processes within the risk management function
• Any other projects as assigned to help the company meet its goals

Preferred Qualifications

Certification in one or more of the following: CIA, CISA, CISSP, CISM, Cloud platforms such as AWS, Azure or GCP

Benefits

• Medical, Dental, Vision
• Family Forming benefits
• Life & Disability Insurance
• Unlimited Vacation
• Participation in our Employee Stock Program