Manager, Information Security Compliance and Third Party Risk

Requisition Number: 201278

External Description:

Description

If you want to be a key part of establishing and growing a large, global cloud and data analytics organization, then this opportunity may be for you. Teradata Corporation is a leader in delivering high power analytics to companies driving improved results and transformational capabilities. Our corporate security team is at the heart of ensuring we deliver our analytics solutions to our customer’s analytic ecosystem wherever they deploy our technology (on premises, managed cloud or public cloud). We are actively driving toward next generation service capabilities building on our already best in class services and consultants.  We are helping customers determine how to maximize the opportunities enabled by cloud and how to successfully navigate towards the cloud mandates that many of our large, global customers have in place.    

The Manager of Information Security Compliance and Third Party Risk will leverage broad technical knowledge of the security controls implemented at Teradata and provide requirements for compliance to security and privacy regulations. This is a global role with responsibility for responding to compliance requirements and customer security audits worldwide.

The ideal candidate will have experience and proven track record of analyzing the requirements for security and privacy assessments and prepare responses to client audits. Strong interpersonal skills are required to meet with clients and support onsite audits of Teradata controls. This position will be primarily responsible for designing, implementing, and maintaining our security compliance program. Working closely with the business units, to advise on risk, consult on compliance requirements, build security awareness, enforce policies, respond to customer security questions, perform audits of Teradata suppliers, and manage third-party due diligence. This position will operate our third-party risk assessment process, and track and report on gaps to closure and final resolution

Key Areas of Responsibility 

Direct hands-on expertise in the following areas of information security:

Third-Party Risk Management

• Identify security and privacy regulatory requirements
• Perform risk analysis of Teradata suppliers
• Perform and/or support due-diligence of Teradata suppliers
• Develop and maintain a third-party risk registry
• Track third-party compliance with Teradata’s security requirements
• Ensure committed remediation tasks are complete

  Teradata Customer Audit  

• Understand Teradata’s security controls
• Respond to customer/prospect security requests (security documentation, independent penetration tests, etc.)
• Provide evidence of Teradata’s controls
• Negotiate remediation as required
• Track findings and work with teams to remediate risks

Security Compliance Management

• Understand requirements of security and privacy regulations
• Monitor new regulations and advise on business impact
• Develop and maintain metrics on compliance for third-parties and customers
• Coordinate with various internal/external stakeholders for pertinent compliance initiatives (SOX, ISO 27001, SOC 2 Type 2, GDPR)

Qualifications 

 

• Bachelor’s Degree required; technical certs desirable
• 7 – 10 years’ experience with internal security and compliance
• Experience achieving ISO 27001, SOC 2 Type 2 compliance
• Penetration testing experience
• Drafting/enforcing internal security policies
• Experience in IT audit, information security, or compliance
• Comprehensive knowledge of various risk and security frameworks
• Comprehensive knowledge of SOC 2, ISO 27001, HIPAA, SOX, GDPR and global data protection and privacy laws
• A strong technical understanding of cloud security challenges and controls
• A good understanding of technologies and controls including hosts, databases, networking, and applications
• Experience performing audits, risk assessments, and reviewing and developing key processes and controls
• Experience presenting and communicating to Executive Management
• Ability to effectively work and collaborate with technical and non-technical resources
• Strong organizational skills
• Requires the ability to travel international and the ability to work within a 24x7 environment

 

#LI-WR1

wr-security

 

CountryEEOText_Description: Teradata invites all identities and backgrounds in the workplace. We work with deliberation and intent to ensure we are cultivating collaboration and inclusivity across our global organization. ​ We are proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, color, ancestry, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related conditions), national origin, sexual orientation, age, citizenship, marital status, disability, medical condition, genetic information, gender identity or expression, military and veteran status, or any other legally protected status.

City: San Diego

State: California

Community / Marketing Title: Manager, Information Security Compliance and Third Party Risk

Job Category: IT

Company Profile:

Our Company

At Teradata, we believe that people thrive when empowered with better information. That’s why we built the most complete cloud analytics and data platform for AI. By delivering harmonized data, trusted AI, and faster innovation, we uplift and empower our customers—and our customers’ customers—to make better, more confident decisions. The world’s top companies across every major industry trust Teradata to improve business performance, enrich customer experiences, and fully integrate data across the enterprise.

LinkedIn Remote:

Location_formattedLocationLong: San Diego, California US