Introduce yourself, share your favorite pet pictures, talk about anything fun!
Compliance Uncomplicated Episode 5 📡🚀: An InfoSec Perspective to Digital Security Success With Nemean Services
In the fifth episode of our Compliance Uncomplicated podcast, Max Glynn—Information Security Manager at Nemean Services, recently promoted to Information Risk Assurance Manager for the entire MITMARK group—joins us to discuss digital asset security, continuous compliance, and what it takes to lead your company to information security success. Drata’s Rick Stevenson, Manager of Cybersecurity Risk Management and Compliance, Helina Medhin, Senior Community Strategist, and I go on a deep dive with Max on how to take an InfoSec approach to securing your company, and how Nemean Services walks the walk. Got a question for Max? Let’s continue the conversation below 👇 ⬇️
Ask Me Almost Anything (AMAA): Got a Question for Eden Data's Taylor Hersom? 🤔 Drop it below for our next episode! 👇 ⬇️
Got a question for Eden Data’s Taylor Hersom? Drop it below to be featured in our next Ask Me Almost Anything episode. 🚀 Ask Me Almost Anything is a series that goes behind the scenes with today’s industry thought leaders. We’ve got our own questions of course, but it’s even better when we hear directly from you!
Giveaway Alert 🔔 🚨 🎉 : Share your best practices for cloud compliance for a chance to win!
Moving “to the cloud” doesn’t free your organization from information security or data privacy concerns. In fact, you will face new risks as third-party vendors replace your on-premises systems. Controlling those cloud risks is easier when you adopt security frameworks like ISO/IEC 27001 or SOC 2. Check out this article to learn about the importance of cloud compliance. And share your best practices to improve your organization’s security in the cloud below for a chance to win 🏆 a pair of AirPods on us! 👀 🎧
Vendor Management Policies: Why Do You Need Them? What Are The Benefits?
A vendor management policy defines a consistent process for controlling the risks you face whenever your business works with third parties. Any interactions between your systems and those of your suppliers, customers, and contractors could open pathways through your security defenses. Controlling these risks improves security and compliance, but only if you plan ahead. Check out the full article to learn what you need to know about creating a vendor management policy. And share your thoughts with us below 👇 ⬇️ .
New Episode! 📲👀🎉: Compliance Uncomplicated Podcast: Todd Schiller, Co-Founder and CEO of PixieBrix
Let’s Uncomplicate Compliance, Together. Compliance Uncomplicated is an interview series dedicated to simplifying the unnecessarily complex world of risk and compliance. Every business, industry, and team has unique challenges when it comes to building trust, and for many startups, compliance is a stepping stone towards that pathway. Looking to deliver a better user experience? Todd Schiller, Co-Founder and CEO of PixieBrix, says the key is making “the user the hero of the story.” 🦸 Tune in to the latest episode of Compliance Uncomplicated, where Todd joins Drata co-hosts Helina Medhin and Arlo Guthrie to discuss how technology can better bridge humans and computers, and how PixieBrix is democratizing software customization—putting the user at the center of the experience. Listen to the full episode on: 🎧 Drata’s blog: https://lnkd.in/ehuhPtAQ 🎧 YouTube: https://lnkd.in/eARAjpUD 🎧 Apple Podcasts: https://lnkd.in/egC4pcHw 🎧 Spotify: https://lnkd.in/eDncAsyw 🎧 Amazon Music: https://lnkd.
How to Address 6 Major Fintech Security and Compliance Risks
Compliance has become table stakes for fintech. Here are six ways continuous fintech compliance programs address security and compliance risks. Keep reading to learn more, and check out our blog for the full article. Cyber Attacks and Vulnerabilities: Security breaches are not exclusive to the fintech industry. Hackers and advanced persistent threats can exploit any company’s weaknesses. However, fintech companies often face greater risk because they work with sensitive financial data. Modern security frameworks such as SOC 2 and PCI DSS help fintech companies identify and close the gaps in their defenses. But that is not enough. A compliance program goes beyond meeting a security framework’s requirements. Continuously monitoring compliance lets you identify and close new security gaps before their impact can spread. Crypto-Asset and Other Fintech Regulation: Fintech companies operate in a regulatory grey area. In some cases, they may not be subject to a regulation that applies to th
Ask Cobalt's VP of Product, Dalyn Ward Almost Anything (AMAA)
New Episode! 📲👀🎉 Compliance Uncomplicated Episode 3: The Common Language of Security With LinearB
Let’s Uncomplicate Compliance, Together. Compliance Uncomplicated is an interview series dedicated to simplifying the unnecessarily complex world of risk and compliance. Every business, industry, and team has unique challenges when it comes to building trust, and for many startups, compliance is a stepping stone towards that pathway. In the third episode of Compliance Uncomplicated, we interview Yishai Beeri, the CTO of LinearB. Yishai shares insights on creating a cross-departmental culture of security and the importance of automation in growth.
New Episode! 📲👀🎉 Compliance Uncomplicated Podcast: The Art of Appreciation With Client Giant
Let’s Uncomplicate Compliance, Together. Compliance Uncomplicated is an interview series dedicated to simplifying the unnecessarily complex world of risk and compliance. Every business, industry, and team has unique challenges when it comes to building trust, and for many startups, compliance is a stepping stone towards that pathway. In this episode Client Giant Co-Founder and Chief Day Maker, Jay O'Brien, discusses the importance of showing appreciation in customer service, and how that builds meaningful, trusting relationships with customers. Check it out and share your thoughts with us! 👇🏽🚀
Deloitte is Hiring! SOC Procedure Support Analyst - Secret cleared
Deloitte is hiring! Check out their job description below. Position Summary: Are you looking to elevate your cyber career? Your technical skills? Your opportunity for growth? Deloitte’s Government and Public Services Cyber Practice (GPS Cyber Practice) is the place for you! Our GPS Cyber Practice helps organizations create a cyber minded culture and become stronger, faster, and more innovative. You will become part of a team that advises, implements, and manages solutions across five verticals: Strategy, Defense and Response; Identity; Infrastructure; Data; and Application Security. Our dynamic team offers opportunities to work with cutting-edge cyber security tools and grow both vertically and horizontally at an accelerated rate. Join our cyber team and elevate your career. Work you’ll do: Analyze technical solutions to help clients identify and evaluate security gaps in industrial control systems (ICS) and Operational Technology (OT); Assist in the implementation and projects from initiati
GRC Risk & Compliance Analyst at DoorDash
DoorDash is Hiring. Learn more about their role, shared below. About the Role: The Compliance & Risk team under the Governance, Risk and Compliance (GRC) umbrella. The team is focused on providing advisory, consulting, certification and governance services to help our company continue to move fast and scale while maintaining security and achieving compliance obligations. We work cross-functionally to really understand our business partners, customer needs, and potential risks, then design policies, metrics, and compliance programs to help meet the obligations. You’re excited about this opportunity because you will… Partner with security to develop security policies and training programs; Collaborate with security, engineering, IT, and partner risk functions to design, implement, and perform periodic testing of controls; Manage and coordinate internal and external audits, including providing evidence of compliance; Consult on various projects and product features to provide appropriate re
Are you compliant? State Privacy Policies Effective 2023
Hey Drata Community! Did you know that several state privacy policies went into effect in 2023? Those states include: California, Colorado, Utah, Connecticut, and Virginia. If you're unsure whether these laws apply to you, reach out to your legal counsel and start the discussions now. And for a quick breakdown of these laws, head over to this post by our Director of Risk and Compliance, Troy Fine. Let’s also chat about it below! 👇
Introducing Compliance Uncomplicated, the Drata Podcast 📡
Compliance Uncomplicated is an interview series dedicated to simplifying the unnecessarily complex world of risk and compliance. Every business, industry, and team has unique challenges when it comes to building trust, and for many startups, compliance is a stepping stone towards that pathway. In each episode, we’ll hear from founders, visionaries, and those tasked with building a foundation of trust for their brand. Check it out here and share your thoughts with us! 👇 ⬇️ Who would you like to see us chat with next? 👀
Connect and Collaborate with Your Auditor In One Place
We’re so excited to announce the launch of our new Audit Hub, the solution to faster, more efficient audits. The Audit Hub is an intuitive platform that streamlines every step of the audit process. With this new addition, you and auditors can communicate and collaborate in near real time, saving hours of back-and-forth communication. The platform also eliminates the possibility of misplacing crucial evidence and allows instant documentation sharing. The Audit Hub features include: real-time collaboration, task management, in-platform chat, a separate “Auditor View”, a past audit archive, and evidence requests and approvals. We are confident that the Audit Hub will revolutionize the audit process, making it more efficient, painless, and enjoyable for everyone involved. We encourage you to learn more about the Audit Hub here and see what a world without audit stress can look like. Share your thoughts and feedback with us below! 👇 ⬇️
An investment firm in Boston is seeking an Analyst to join their Compliance team
$80,000/yr - $90,000/yr · Full-time · Associate. An investment firm in Boston is seeking an Analyst to join their Compliance team. The primary focus of this role is oversight and surveillance to protect and safeguard the firm, registered individuals, and the clients they serve. Responsibilities: Conduct onsite/remote branch reviews as part of our risk based internal branch examination process; Perform daily trade blotter review and approval with a focus on exception reports; Assist with performing firm’s annual supervisory controls and verification testing; Review, investigate, and clear all daily Trade Summary Monthly, Account Periodic, and Account Rank surveillance reports; Review and approve Advertising/Sales Literature/Public Speaking/Trade Corrections, Annuities, and Direct Business, etc. on RedOak; Perform investigations of potential violation of industry and firm policies, procedures and best practices (document findings and report to CCO); Conduct email, instant messaging, social media
Techaxis is Seeking a Senior Sales Leader in Risk/Regulatory/Compliance
Techaxis, Inc - United States (Remote) They are looking for a senior sales leader who will be heading the Risk, Regulatory, and Compliance (RRC) unit as well as managing a team of other sales professionals. Coordinating with the marketing team to develop promotional strategies. Working in collaboration with business development teams as well as practice teams to bring the best possible solutions to the prospects. Skills Required -12 years of experience in selling Risk, Regulatory, and Compliance solutions Constantly learning and finding new ways of working & defining effective sales models. Outstanding sales and negotiation skills Prior experience working with offshore teams will be an added advantage. You should have demonstrated the ability to identify new sales opportunities and create/nurture new business opportunities while bringing value to customers. Familiarity with working on Sales tracking/lead generation tools You can contact hiring director directly at -Phone - (+1) 571
Fidelity Investments is Hiring a Compliance Director | Boston, MA (Hybrid)
Salary is listed at $126,000/yr - $169,000/yr (from job description) · Full-time See the listing here. The Role As a member of the Enterprise Services Compliance team, you will serve as a Compliance Director supporting Green Pier FinTech LLC, Fidelity’s newest clearing Broker Dealer. In this role, you will demonstrate your compliance expertise by designing a compliance program, proactively raising, and addressing regulatory issues and ensuring that regulatory requirements are met for the broker dealer’s various businesses and products. You will promote ethical conduct and reinforce a dedication to compliance and regulatory obligations. This role will include a blend of at-home and in-office work. Learn more about how Fidelity has embraced Dynamic Working. The Expertise And Skills You Bring 7+ years compliance and/or regulatory experience in the financial services/brokerage industry, registration and licensing experience is a plus 4-year college degree required Strong understanding of b
2023 Compliance Trends Report
This week Drata is officially releasing the 2023 Compliance Trends Report. Please use this space to discuss the report or ask any questions after looking through it. You can access the report here. If you are a Drata customer, you can skip the form and access it directly in the private customer area. Key Takeaways: 100% of organizations see value in adopting continuous compliance. Over 9 in 10 companies plan to achieve continuous compliance in the next five years. 87% of organizations indicated negative outcomes as a result of low compliance maturity. 3 in 4 companies who have achieved some level of continuous compliance feel their program is a business driver. 76% of companies who follow a point-in-time compliance approach feel the related effort is a burden. IT and security professionals spend an average of 4,300 hours annually achieving or maintaining compliance.
🤫 The 2023 Compliance Trends Report is coming soon
As members of the Drata community, we wanted you all to be the first to know about an upcoming white paper being published in the next two weeks: The 2023 Compliance Trends Report. This will be a research report based on a survey of 300 established and enterprise organizations, the role compliance plays in business acceleration, and the rise of continuous compliance. You can get a preview of the report with the first article we published this week: Moving to a Proactive State of Compliance
CVS is seeking a remote Senior Manager - Data Privacy and Security
Job post via LinkedIn. Salary listed as $115,000/yr - $230,000/yr. As a Senior Manager for Data Privacy and Security within the Enterprise Data Governance Team, you will be responsible for establishing and implementing the necessary frameworks to manage access and protection of CVS Health Data. You will partner with Privacy and Information Security leadership to ensure controls are sufficient to address security and privacy concerns and compliance with internal and external policies. Additionally, you will work with technology and business teams to educate and inform them on these controls and provide guidance and best practices on how to address and satisfy these requirements.
Elastic is seeking a remote Privacy & Compliance Program Manager
Job post via LinkedIn. Salary listed as $106,800/yr - $146,900/yr. We are looking for a Privacy & Compliance Program Manager, reporting to our VP of Business Integrity and Privacy. This position is ideal for an entrepreneurial and collaborative candidate seeking a unique opportunity to program manage Elastic’s Privacy and Business Integrity strategy. We will consider candidates whose subject matter expertise is primarily in one area, with a basic working knowledge of the other. This is an exciting opportunity to join a dynamic, fully distributed global enterprise and execute on the continued development of its compliance and privacy programs. This is a remote position. We will consider candidates located anywhere in North America.
Prudential is seeking a remote director of global privacy
Job listed via LinkedIn. Salary listed as $140,300/yr - $189,800/yr. The Director of Global Privacy – International is a key member of the Global Privacy Office and is engaged in the design, implementation, and maintenance of the global privacy program across Prudential’s international operations. The individual will support Prudential’s international businesses and will lead strategic privacy projects and provide consultation and strategy around the collection, use, storage and disposal of personal information. This role represents the global oversight function (second line of defense) for the Global Privacy Office.