ID.me

  • Director of Risk and Compliance

    Location: US-VA-McLean
    IT and Security
  • Overview

    ID.me is looking for a Director of Governance, Risk, and Compliance (GRC). This role will support ID.me in achieving and maintaining its industry certification programs across ISO 27001, SOC, PCI-DSS, and FedRAMP. As a member of the Information Security team, the Director will work with external auditors and identify gaps in existing security controls, while ensuring alignment to applicable industry standards. The Director of Risk and Compliance will work internally with business units to collect evidence required for compliance requirements into the end-to-end DevOps and SecOps management processes. The Director is a business-enabler for the technology teams who helps shepherd and embed security into ID.me systems. The role requires previous experience within an Information Security department where you performed audits, risk scoring, security controls assessments, and/or security compliance activities.

    Responsibilities

    • Assist in assessing the feasibility and cost requirements for business initiatives
    • Influence both technical and non-technical audiences to meet security requirements
    • Lead, collaborate, and influence others to devise or modify processes and procedures to achieve security compliance requirements
    • Develop, implement, and coordinate the GRC program to manage risk and compliance of third-party vendors and suppliers
    • Develop, implement, and maintain security policies, standards, and guidelines
    • Perform security program maturity self-assessments and recommend changes and new initiatives

    Qualifications

    • 6+ years of experience with compliance frameworks such as ISO/IEC 27001, SOC 2, Kantara, FedRAMP, and/or PCI-DSS.
    • 10+ years of experience in information technology.
    • Security Certifications such as CISSP, CISM, or CISA.
    • Experience with GRC tools.
    • Detail-oriented.
    • Agile, proactive, and comfortable working with all levels within the organization.
    • Able to prioritize on the fly.

    ID.me is a venture-backed company in hyper-growth. We are adding about a million new users per month, with more than 30,000 new users signing up per day. We have had negligible business customer churn since inception, and we almost always significantly upsell and cross-sell accounts after establishing a relationship.

    Our Mission:
    To make the world a more trusted place by enabling transparent and efficient interactions between people and organizations.

    Our Core Values:
    • Don't be a jerk.
    • Always compete.
    • Ask questions like a 5-year-old.
    • Inspire people with your passion.
    • Make something better every day.
    • Treat each customer like your favorite family member.
    • Own your mistakes so you can learn from them.
    • Details are everything.
    • Act like a scientist, not a talking head.
    • Be truthful (even when it's hard).
    • Reflect ID.me's values in your actions.
    • If the rule prevents the right outcome, then break the rule.
