Director, Compliance and Privacy

The Director, Compliance and Privacy will lead in a variety of operational, technical, corporate, and compliance matters. As a member of the MX’s Information Security team, you’ll work across a variety of teams including, security, legal, and sales. This position will report directly to the VP, CISO and manage a compliance team to support them.This position’s primary role will be to drive best in class Security, Risk & Privacy programs and policies that will safeguard the company and its partners. 

Job Duties

• The (GRC) Director’s primary role will be to drive best in class Compliance, Risk & Privacy programs and policies that will safeguard the company and its partners

• Develop, enhance, operationalize enterprise-level security, risk and privacy policies, processes and controls to mitigate risk and comply with applicable laws and regulations

• Performing activities to monitor and assess the security, risk and privacy controls on an ongoing basis as part of an Internal Controls Program.

• Manage the audit programs for PCI, SOC2, and other regulatory compliance requirements. 

• Lead the company wide Enterprise Risk Management program, working closely with the operational departments (Legal, Engineering, Sales, Support, Operations, …) to develop, monitor policies and standards in compliance with applicable privacy policy & regulations

• Collaborate with key stakeholders to review projects, business critical systems and related data to ensure compliance with data privacy laws, and if necessary, perform and advise on privacy impact assessments

• Complete ownership and responsibility to answer privacy questionnaires and client required privacy information

• Responsible for all internal and external audits and customer inquiries (as it relates privacy, security & compliance)

• Lead the development and ongoing management of privacy programs across the company across all locations / jurisdictions

• Implement measures and a governance framework to manage data use in compliance with laws and regulations, including developing templates for data collection, assisting with data mapping, and vendor management reviews

• Identify, track, monitor and report on privacy controls and all applicable Data Privacy requirements

• Provide recommendations to stakeholders when appropriate

• Responsible for the regulatory security and privacy training of all employees and contractors

Job Requirements

• An compliance-minded leader that has a strong sense of integrity and the ability to balance business interests with the need for compliance standards

• Bachelor’s degree in the IT/Technology or legal field

• 12+ years of experience in Information Security and/or Data Privacy and Compliance positions

• Experience leading teams and influencing stakeholders.

• Expertise in compliance standards, eg  ISO27K, SOC2, SSAE 16, NIST CSF and PCI DSS

• Strong understanding of data privacy regulations eg CCPA, GDPR, HIPAA, PIPEDA, UK DPA and Privacy Shield

• Strong understanding of regulations applicable to the Financial sector. 

• Strong understanding and experience in enabling GRC solutions and common control framework for data regulations

• Excellent project management and process improvement skills

• Ability to work independently in a fast-paced environment and handle multiple complex & confidential tasks

• Excellent communication, interpersonal skills and attention to details & deadlines

• Knowledge of standards NIST, COBIT, SABSA, is an asset

• Past experience in GRC/privacy based role for a SaaS company is an asset

• Knowledge of Business Continuity Planning is an advantage

Work Environment

At MX, we utilize a hybrid work model, which allows us to attract top talent and increase impact through collaboration. Our team members enjoy a balance of remote work and in-office days. Travel expectations for remote employees is about 15%, and the company covers travel expenses for remote employees. Local employees will utilize in-office time on a weekly basis Tuesday through Thursday. Both local and remote employees can take advantage of our incredible office space with onside perks like company-paid meals, onsite massage therapist, golf simulator, and meditation room to name a few.

Compensation

The expected on-target earnings (OTE), which is comprised of a base salary and other forms of cash compensation, such as bonus or commissions is currently $191,500 to $229,750. This pay range is just one component of MX's total rewards package. MX takes a number of factors into account when determining individual starting pay, including job and level they are hired into, location, skillset, peer compensation.

#LI-Remote

MX is proudly committed to recruiting and retaining a diverse and inclusive workforce. As an Equal Opportunity Employer, we never discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, military or veteran status, status as an individual with a disability, or other applicable legally protected characteristics. We particularly welcome applications from veterans and military spouses. All your information will be kept confidential according to EEO guidelines. You may request reasonable accommodations by sending an email to hr@mx.com.