Governance and Policy Manager, Security

Remote: 
Full Remote
Contract: 
Work from: 

Offer summary

Qualifications:

Bachelor’s or postgraduate degree in computer science, cyber security, information systems, or a related field., 8+ years of experience in information security with a focus on governance, strategy, and policy management., Industry certifications such as CISSP, CISM, or CISA are preferred., Deep technical expertise in environments like AWS, Azure, and GCP, along with familiarity with regulatory frameworks..

Key responsibilities:

  • Provide strategic vision and drive the maturity of the Security Governance and Policy program.
  • Manage the lifecycle of all Adobe Technology Policies and Standards, ensuring alignment with regulatory requirements.
  • Lead the Policy Operating Committee and report to the Policy Steering Committee on status updates.
  • Collaborate with data owners to develop monitoring metrics for the Governance program and manage the Security Exceptions process.

Adobe  logo
Adobe Computer Software / SaaS Large http://www.adobe.com
10001 Employees
See all jobs

Job description

Our Company

Changing the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen. 

We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!


 

The Opportunity

The Adobe Security Risk & Governance team is seeking a hardworking security professional to be at the forefront of Adobe’s security governance and policy strategy. This role is pivotal to ensure that cybersecurity practices are aligned with Adobe's business objectives, regulatory requirements, and industry standards, while also effectively managing and mitigating risks to information assets and technology infrastructure. You will have the opportunity to drive 1) strategic oversight and alignment across the Security organization and 2) technology policy development and enforcement across the Adobe enterprise. This is an opportunity to have a significant impact on Adobe’s security posture.

What You Will Do
  • Provide the strategic vision, and drive maturity of, the Security Governance and Policy program at Adobe
  • Manage the end-to-end lifecycle of all Adobe Technology Policies and Standards.
  • Ensure Policies and Standards are aligned to a centralized governing strategy that includes key input from Security Architecture, Adobe Common Controls Framework (CCF), Cyber Operations, and Product Security.
  • Manage the timely renewal efforts of all Technology Policies and Standards ensuring all regulatory and audit requirements for renewal are met.
  • Head the Policy Operating Committee and provide routine status reports to the Policy Steering Committee.
  • Lead Policy and Standard content creation through clear, concise, and measurable standards.
  • Lead efforts to transform Policies and Standards into metrics that can be measured to determine enforcement level, noted exceptions, and potential risk areas.
  • Collaborate with data owners and metric teams to develop monitoring metrics for the Governance program.
  • Manage and provide oversight of the Security Exceptions process.
  • Find opportunities for the Governance program to raise potential risks and become a proactive input into the risk management function.

What You Need to Succeed
  • Bachelor’s or postgraduate degree in computer science, cyber security, information systems, information technology, or a related field with equivalent experience.
  • 8+ years in information security with experience in security governance, strategy, and policy management.
  • Industry Certifications such as CISSP, CISM, CGRC, CRISC, CompTIA SecurityX, and/or CISA.
  • Deep technical expertise in a variety of environments (i.e., AWS, Azure, GCP, metal) and domain areas (e.g., Cloud Security, Identity and Access Management, Security Monitoring and Logging, Vulnerability Management).
  • Build and maintain positive multi-functional business relationships
  • Clear communication skills and an ability to adapt a message to audiences ranging from technology SMEs to product managers to executive leadership teams.
  • Ability to solve problems and work through ambiguity and uncertainty.
  • Attention to detail balanced with the ability to absorb large amounts of information and distill it down to the essentials.
  • Must be able to communicate clearly and assertively while ensuring partners meet deadlines and complete the work.
  • Familiarity with Industry and Regulatory frameworks (e.g., NIST, SOC2, FedRAMP, ISO, PCI, HIPAA, etc.)
  • Technical writing experience a plus.

Our compensation reflects the cost of labor across several  U.S. geographic markets, and we pay differently based on those defined markets. The U.S. pay range for this position is $106,300 -- $223,000 annually. Pay within this range varies by work location and may also depend on job-related knowledge, skills, and experience. Your recruiter can share more about the specific salary range for the job location during the hiring process.

At Adobe, for sales roles starting salaries are expressed as total target compensation (TTC = base + commission), and short-term incentives are in the form of sales commission plans.  Non-sales roles starting salaries are expressed as base salary and short-term incentives are in the form of the Annual Incentive Plan (AIP).

In addition, certain roles may be eligible for long-term incentives in the form of a new hire equity award.

State-Specific Notices:

California:

Fair Chance Ordinances

Adobe will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and “fair chance” ordinances.

Colorado:

Application Window Notice

If this role is open to hiring in Colorado (as listed on the job posting), the application window will remain open until at least the date and time stated above in Pacific Time, in compliance with Colorado pay transparency regulations. If this role does not have Colorado listed as a hiring location, no specific application window applies, and the posting may close at any time based on hiring needs.

Massachusetts:

Massachusetts Legal Notice

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Adobe is proud to be an Equal Employment Opportunity employer. We do not discriminate based on gender, race or color, ethnicity or national origin, age, disability, religion, sexual orientation, gender identity or expression, veteran status, or any other applicable characteristics protected by law. Learn more.

 

Adobe aims to make Adobe.com accessible to any and all users. If you have a disability or special need that requires accommodation to navigate our website or complete the application process, email accommodations@adobe.com or call (408) 536-3015.

Required profile

Experience

Industry :
Computer Software / SaaS
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Teamwork
  • Detail Oriented
  • Communication
  • Problem Solving

Governance Manager Related jobs