The Information Security & Privacy Compliance Manager will be responsible to plan, operate, maintain, and finalize cybersecurity and data protection policies, procedures, and records as part of the Pexip ISMS. The role will work to deliver the objectives within the Pexip Information Security strategy and further enhance the Pexip ISMS program that identifies and addresses security and privacy risks and requirements, as well as maintain and monitor the information security best practices as they develop.
We are looking for a candidate with experience in the daily operational management of cybersecurity and privacy practices in support of technology service and software product offerings to business partners and customers; that has passion for information security standards, privacy regulations, and cloud technology. The role will report to the Director of Business Operations, and the working location will be Oslo, Norway.
- Day-to-day execution of cybersecurity and data privacy operational activities
- Owner of relevant security policies and procedures
- Assess new and existing vendors and technologies to understand and mitigate information security and data privacy risks
- Keeping the Pexip ISMS system up to date
- Coordinating and executing internal security audits
- Coordinating security certification audits and customer security audits
- Support sales and customers as needed in understanding Pexip’s security and privacy controls; security assessment questionnaires; review contract terms and data processing agreements to ensure alignment between commitments, capabilities, and compliance qualifications
- Handle internal and external information security and data privacy requests effectively and in a timely manner
- Monitor and report on the effectiveness of the Information Security Management System controls
- Coordinating security and privacy activities executed for Pexip by 3rd party companies
- Provide internal information security communication, awareness, and training, and assess the effectiveness of the training program to ensure training remains consistent and appropriately addresses cybersecurity and privacy threats and is compliance with all applicable policies laws and regulations
- Keeping an eye on new security and privacy standards and regulations, and best practices applicable for our industry
- Contribute to the information security and data privacy strategy, scope, and roadmap for Pexip
- Contribute to the ongoing success of the Pexip team
The ideal candidate has the following qualifications
- S. Degree in Computer Science or Computer Information Systems
- 3+ years’ practical experience with the implementation and support of Security or Privacy programs like GDPR, SOC 2, ISO 27001
- Working knowledge of system technology security testing (vulnerability scanning and penetration testing), incident management, risk assessment, log management, change management
- Working knowledge of data subject privacy rights, PII data handling, data protection and cookie laws, data transmission and encryption requirements, data access controls, data retention and destruction, vendor and customer assessment questionnaires, data privacy impact assessments, data breach and other cyber incident response
- Experience with cloud technologies i.e SaaS, PaaS, IaaS, analytics, and more is a plus
- Can easily explain and help applying the principles of information security and data privacy
- Has a positive attitude, inclined to find solutions to often complex challenges
- Strong analytical skills
- Excellent organisational and time management skills possessing the ability to prioritize work under pressure of time constraints
- Excellent verbal and written communication skills in English
- Excellent presentation skills with prior experience presenting to executives to achieve buy-in
- Highly productive and resourceful with a “Player” attitude
Pexip can offer an exciting workplace, with many high skilled colleagues, in an office located close to the Lysaker station in Oslo.
For any question related to this position, please contact Geir Aasen +47 98290059.
Pexip provides a unique approach to video communication on any device and across traditionally incompatible technologies such as traditional video conferencing, Microsoft Skype for Business, WebRTC in-browser video, and mobile. Pexip software is used by organizations to overcome B2B video communications and collaboration challenges or to build new innovative ways of B2C video communications channels. The Pexip solution integrates natively with multiple technology platforms and is a part of an organization’s strategic IT solution. Pexip customers exist across all industries including within financial services, healthcare, government, manufacturing, legal services, education, pharmaceutical, and countless others.
The Pexip culture builds on a strong foundation of solid values. We are passionate and love what we do. We believe in the power of video communication, and together we work to enable people to communicate better and more efficiently. At Pexip, work is not a place, but a part of your life, and something you enjoy to the fullest. Every day, we are committed to making work simpler, more productive, and more efficient for all our customers. We want to make a lasting change.
Pexip has HQ in Oslo, Norway, main offices in London, UK, Stockholm, Sweden, New York and Herndon, US and Sydney, Australia, as well as sales offices across the globe.