Security Assurance and Compliance Program Manager in Medford, Massachusetts at Financial Recovery Technologies LLC
Job Description
Financial Recovery Technologies (FRT) is a leading technology-based services firm that helps the investment community identify eligibility, file claims, and recover funds from securities class action settlements. Our clients include some of the world’s largest institutional investors, and we’re proud to deliver results through our technology, innovation, unbiased expertise, and client experience.
We are seeking a Security Assurance and Compliance Program Manager to support FRT’s information security, information technology, and compliance governance program by ensuring that the organization remains compliant with applicable legal, regulatory, and contractual obligations as well as company policies and standards.
This role will also include completing client and prospect security due diligence questionnaires, participating in client assessments, and related activities. You will serve as one of the primary points of contact for the handling of due diligence inquiries from external stakeholders on the topics of IT, Security, Privacy, and Regulatory requirements.
You will also support overall internal security awareness, IT security program management, policy maintenance, and other IT security and technology risk management efforts. This role will also be an integral part of the team managing the organization’s SOC 2 audits.
Additionally, as the Security Assurance and Compliance Program Manager, you will:
- Facilitate cross-functional coordination related to Information Security, Privacy, Regulations (Compliance) and IT Security risk management initiatives
- Build relationships with and communicate compliance requirements with internal stakeholders
- Monitor and investigate current and emerging compliance topics to inform strategic direction
- Act as team lead on legal, regulatory, and privacy topics in collaboration with the Information Security Team and with Finance
- Collaborate with internal stakeholders within IT Security, TechOps, Finance, and related teams to support ongoing technology and information risk management and governance activities
- Contribute to company-wide security awareness training initiatives
- Manage client and prospect third-party risk assessments, including completion and submission of IT/security, Privacy, and Regulatory due diligence questionnaires (DDQs)
- Serve as an owner for IT Security and Compliance due diligence inquiries and assessments from clients and prospects
- Monitor company policies and standards status and track revisions/updates
- Manage the technology audit (SOC 2) process
- Oversee the vendor due diligence program
- Assist with the handling of regulatory obligations in collaboration with IT Security, Finance, and Legal
- Monitor regulatory developments and assess impact to company operations, policies, and controls
- Ensure policies are aligned with regulatory expectations while remaining balanced to support business requirements without being overly burdensome
- Coordinate with external counsel and advisors as needed to support regulatory requirements
- Partner with Product Management to ensure products incorporate privacy/regulatory requirements
Our ideal candidate has:
- A minimum of 3–5 years of IT and/or Regulatory Compliance experience
- Experience with Cyber Security frameworks
- Background working with audit standards such as SOC 2
- Experience managing third-party risk assessments or security due diligence activities
- Experience writing policies, plans, or governance documentation related to information security, technology, privacy, regulations, and risk management
- Excellent communication and writing skills
- Experience with Privacy and general Compliance topics
- Knowledge and experience working with financial institutions preferred
- Project management skills
- Security Certifications like Security+, GSEC, etc. preferred
- Intellectual curiosity, with a demonstrated commitment to continuous growth; and
- Of course, a desire to join a growing company with a vibrant, entrepreneurial culture, dedicated to being the top provider in the class action recovery space.
What FRT offers:
- Competitive salary and bonus
- Health, dental, vision
- 401k (with company match)
- Income protection plans (life, accidental death and dismemberment, short- and long-term disability) and access to a suite of voluntary benefits
- Fun, smart, diverse colleagues
- We are a hybrid company; in office, we offer:
- Close to public transit (walking distance to Wellington T on Orange Line)
- Free drinks and snacks
- Free parking onsite
- Free access to onsite gym
THIS POSITION WILL BE BASED IN OUR MEDFORD, MA HEADQUARTERS. LOCAL CANDIDATES ONLY, PLEASE.
Compensation: base salary is experience dependent and can range from $115,000-$125,000 a year (based in MA). FRT also offers a competitive annual bonus.
AGENCIES: WE ARE NOT WORKING WITH AGENCIES ON THIS REQUISITION.
FRT provides equal employment opportunities by recruiting, hiring, training and promoting applicants and employees without regard to race, color, religion, creed, national origin, citizenship status, sex, age, ancestry, sexual orientation, genetics, pregnancy, marital or partnership status, gender identity/expression, disability, handicap, status as a victim of domestic violence or other similar offenses, consumer credit history, unemployment, military obligations, veteran status or any other category protected by law.
FRT is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the application or employment process, please let us know the nature of your request and your contact information.