Senior Manager, GRC

As the industry leader in compensation data and technology, PayScale helps organizations #getpayright. Payscale is the only technology solution for managing compensation that provides multiple streams of fresh, transparently curated and validated salary data. Combined with modeling engines that learn continuously and generate recommendations and insight, Payscale empowers HR to price jobs and adjust compensation to reflect real-time changes in the market — all on one trusted data platform. With Payscale’s Adaptive Compensation Advantage, teams operate with efficiency, focused on outcomes rather than manual data management. To learn how companies like The Washington Post, Perry Ellis International, United Healthcare and The New York Times rely on PayScale to attract and retain top talent, motivate and engage employees and plan their future workforce, visit payscale.com. 

PayScale is looking for an IT Audit Manager to join our Information Security Team. You will play a key role in defining, implementing, and managing the internal and external Information Security audit function. The right individual for this role will be detail-oriented, able to multi-task, and have a high level of professionalism. If you thrive by working in a fast-paced start-up environment and working with sales, compliance, and security, consider this opportunity as the next level in your professional development.

Bachelor’s degree required

7-10 years of work experience in a commercial-based SaaS company or IT Auditing firm

Experience working with multiple teams including Engineering, HR, IT, Information Security, and Sales

Working experience with various Information Security controls and IT frameworks such as CIS, COBIT, ISO, NIST, and SOX

Experience working with and managing SOC1, SOC2, and ISO27001 audits

Experience working with and configuring various ticketing and change management tools such as Jira, ManageEngine, ServiceNow, or ZenDesk

Experience with governance tools such as Archer, KCM, or ServiceNow

Experience with information security and privacy regulations (CCPA, GDPR, HIPAA, NYDFS, PCI)

Excellent communication and writing skills

Ability to multi-task and deal with deadlines

Ability to collaborate with peers, managers, clients, and external auditors

Awareness and pride in 100% client satisfaction

Boston-area based - No sponsorship or relocation available at this time

PRIMARY RESPONSIBILITIES:

Lead internal audit for the IT and Information Security functions

Verify and gather evidence and control artifacts on a continuous basis

Manage and oversee multiple SOC2 Type 2 audits

Prepare the company for additional certifications as necessary such as FedRAMP or ISO27001

Manage Vendor Information Security risk assessments and compliance (TPRM function)

Define and manage IT and Information Security based audit projects

Work cross functionally to communicate and identify IT audit weaknesses and gap

Define and manage remediation for audit process gaps and risks

Assist and manage client requested IT and Information Security audits

Benefits & Perks – The Highlights:

All around awesome culture where together we strive to:

• Pursue excellence every day
• Create customer value
• Compete to win (and lose!) as a team

As part of our culture of transparency and commitment to employee engagement, we have several programs and resources such as:

• Regular virtual company meetings
• Coffee chats
• Table for 4 Executive conversation
• Spirit Week
• Pulsing tools for continuous conversations to drive performance and career growth
• Strengths based tools designed to help employees engage with peers and managers, supported through a program called StandOut
• Access to top notch learning courses for all employees through LinkedIn Learning
• As well as constant re-evaluation of what our employees need to be successful at work!

Our more standard benefits include:

• Flexible Paid Time Off program – most employees average around 3 weeks per year
• 14 paid holidays including Independence Week, Juneteenth and World Mental Health Day
• 3 comprehensive health plans to fit your unique needs; plans have up to 100% company-paid premium coverage for employee Medical, Dental and Vision
• Access to Premera’s Healthcare Services including an Employee Assistance Program (EAP), 24-hour Nurse Hotline, Telehealth (Doctor on Demand), Talkspace, and other virtual care options
• Flexible Spending Account (FSA) options for pre-tax employee allocations towards: Medical, Dependent Care, Parking, and Transit
• Company Paid Short Term Disability, Long Term Disability, and Life Insurance
• Comprehensive Paid Parental / Adoption Leave program
• 401k program with fully vested, immediate company match

Equal Opportunity Employer: We embrace equal employment opportunity.

Payscale is committed to a policy of equal employment opportunity for all applicants and employees. It is our policy that employees will not be subjected to unlawful discrimination on the basis of race, color, religion, sex, age, national origin or ancestry, physical or mental disability, veteran or military status, marital status, sexual orientation, political ideology and any other basis protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including but not limited to: recruitment, hiring, transfers, promotions, training, discipline, termination, compensation and benefits, performance appraisals, education, and social and recreational programs.