Technical Program Manager – Cloud Security / Governance, Risk & Compliance Position Available In Buncombe, North Carolina
Job Description
About NetApp
NetApp is the intelligent data infrastructure company, turning a world of disruption into opportunity for every customer. No matter the data type, workload or environment, we help our customers identify and realize new business possibilities. And it all starts with our people. If this sounds like something you want to be part of, NetApp is the place for you. You can help bring new ideas to life, approaching each challenge with fresh eyes. Of course, you won’t be doing it alone. At NetApp, we’re all about asking for help when we need it, collaborating with others, and partnering across the organization - and beyond.
About NetApp
We’re forward-thinking technology people with heart. We make our own rules, drive our own opportunities, and try to approach every challenge with fresh eyes. Of course, we can’t do it alone. We know when to ask for help, collaborate with others, and partner with smart people. We embrace diversity and openness because it’s in our DNA. We push limits and reward great ideas. What is your great idea?
About the Role
As a GRC TPM in the Cloud business, you will join a growing Security & Compliance team within NetApp’s fastest-growing business - https://cloud.netapp.com/. The role is to design, implement, and assess security controls from a technical lens. If you are passionate about doing Security & Compliance at the cloud scale in an innovative and automated (compliance-as-a-code) way - this role is for you.
The position can influence and impact security, compliance, and assurance efforts across teams, products, and functions within the company. For the right candidate, the role will be shaped and scoped based on your strengths. We are looking at a broad set of skills. Let’s chat.
Responsibilities
Drive compliance with a technical lens.
Design, implement, maintain, and improve compliance programs to address key risks and prepare product teams for assessments against various regulatory and compliance frameworks (ISO/IEC 27001, SOC2, PCI, NIST, FedRamp, etc.)
Partner with Engineering, SRE, Product, Cloud Security, Legal, Privacy, and Corporate Security teams to collaborate on pragmatic solutions to security risks and compliance issues.
Assist with improving internal policies, processes, and overall security governance.
Drive automation and assist with the adoption of GRC tooling within business.
Perform technical gap assessments and risk assessments.
Facilitate control monitoring activities.
Closely work with the Cloud Security team on initiatives and any risks impacting your area of responsibility.
Identify opportunities that create a positive impact on our activities and achieve efficiencies.
Maintain and optimize security compliance monitoring and alerting systems and advise control owners on system policy violations.
Job Requirements
5 years of experience in building and maintaining security risk & compliance programs.
Experience in implementing technical security controls and assessing compliance standards (ISO/IEC 27001, SOC2, PCI, NIST, FedRamp, etc.) over infrastructure, applications, and Development and Cloud Engineering processes.
Ability to assess security risks in a cloud environment
Strong understanding of technical concepts relevant to cloud computing environments: virtual infrastructure (cloud resources on AWS/Azure, Kubernetes technology, and containers), logical access control, DevOps development process, secure coding principles, CI/CD processes, logging & monitoring, incident response, cryptography, network security, and privacy, etc.
Familiarity with native security and compliance capabilities within cloud providers and technologies/processes around SIEM, vulnerability scanning, cloud security configuration, endpoint detection & response tools, and other infrastructure security tools
Excellent writing and communication skills with attention to detail
Strong project management and organizational skills - must be able to drive your own projects to completion.
Ability to work in a fast-paced and sometimes unorganized environment with multiple teams
A big plus if you have any of these
Similar experience within a SaaS product company or Big4 auditing/consulting experience with a strong focus on Security advisory
Experience with FedRamp
Education
Bachelors or Master of Engineering - preferably in Computers or IT.
Professional certifications/education in Security/Compliance - AWS certifications, CISA, CISSP, CCSK, CIPP, or similar
ISO 27001
Compensation:
The target salary range for this position is 130,050 - 193,600 USD. The salary offered will be determined by the candidate’s location, qualifications, experience, and education and may be outside of this range. Final compensation packages are competitive and in line with industry standards, reflecting a variety of factors, and include a comprehensive benefits package. This may cover Health Insurance, Life Insurance, Retirement or Pension Plans, Paid Time Off (PTO), various Leave options, Performance-Based Incentives, employee stock purchase plan, and/or restricted stocks (RSU’s), with all offerings subject to regional variations and governed by local laws, regulations, and company policies. Benefits may vary by country and region, and further details will be provided as part of the recruitment process.
At NetApp, we embrace a hybrid working environment designed to strengthen connection, collaboration, and culture for all employees. This means that most roles will have some level of in-office and/or in-person expectations, which will be shared during the recruitment process.
Equal Opportunity Employer:
NetApp is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination based on age, race, color, gender, sexual orientation, gender identity, national origin, religion, disability or genetic information, pregnancy, protected veteran status, and any other protected classification.
Why NetApp?
We are all about helping customers turn challenges into business opportunity. It starts with bringing new thinking to age-old problems, like how to use data most effectively to run better - but also to innovate. We tailor our approach to the customer’s unique needs with a combination of fresh thinking and proven approaches. We enable a healthy work-life balance. Our volunteer time off program is best in class, offering employees 40 hours of paid time per year to volunteer with their favorite organizations. We provide comprehensive medical, dental, wellness, and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts. Finally, we provide financial savings programs to help you plan for your future. If you want to help us build knowledge and solve big problems, let’s talk.