Canonical – We deliver open source to the world faster, more securely, and more cost-effectively than any other company. We develop Ubuntu, the world’s most popular enterprise Linux from cloud to edge, together with a passionate global community of 200,000 contributors. Ubuntu means ‘humanity to others. We chose it because it embodies the generosity at the heart of open source, the new normal for platforms and innovation. Together with a community of 200,000, we publish an operating system that runs from the tiny connected devices up to the world’s biggest mainframes, the platform that everybody uses on the public cloud, and the workstation experience of the world’s most productive developers. Secure and reliable, elegant and intuitive, and open for innovation – Ubuntu is the future of open source, which is why it’s the fastest-growing Linux in the world despite already being the most widely deployed.
We are recruiting to fill the position below:
Job Title: Compliance Manager
- The Information Systems (IS) Compliance Manager leads our work to achieve relevant certifications such as SOC2 as well as compliance with regulatory frameworks such as GDPR.
- This role is to ensure that Canonical conducts its business processes in compliance with laws and regulations, international standards, and accepted business practice.
- This position is for an individual with the knowledge, drive and personal motivation to set up a strong governance framework in a fast-growing tech company, as well as help it achieve/maintain the necessary compliance certifications. It requires a background in internal audit or IT general controls and an appreciation of the challenges involved in driving security/compliance initiatives in a software engineering organization.
- This role can be home or office based. Periodic international travel for training and business meetings is required.
- Shape and drive the company risk management and internal control framework
- Maintain and develop security policies, and verify compliance with those policies
- Work with our Legal team to respond to internal and external compliance issues
- Collaborate closely with leaders to understand their security, privacy and compliance requirements
- Make sure that customer data is safeguarded and used ethically and responsibly
- Organize and conduct Risk/Privacy/Compliance training and assessments
- Educate and inform employees about our practices and standards
- Manage internal and external audit and testing programs, reporting risks that need correction
- Prioritize compliance work
- Coordinate activities with external consultants and internal stakeholders for quality compliance (e.g. ISO 9001, 15504)
- Review and respond to security questionnaires and contract questions from customers
Required Skills and Experience
- Bachelor’s Degree (or equivalent) in Computer Science, Information Systems or a related field
- Familiarity with procurement compliance obligations, contractual security and privacy
- Experience defining and implementing appropriate methodologies for auditing, takedown processes and law enforcement
- Ability to be an ambassador for compliance policies and procedures within a highly technical software organization
- You can speak articulately about situational awareness, change management, and access control
- Demonstrated ability to explain risk assessments, actions needed, and cost implications
- General understanding of international privacy and compliance legislation, including the GDPR
- Experience working with legal, audit, and compliance staff
- Experience developing and maintaining policies, procedures, standards, and guidelines
- Experience driving risk-based decisions supporting business owner expectations and needs
- Valuable experience:
- Affinity with Open Source software with regards to compliance
- Knowledge and experience of applicable frameworks and regulatory requirements, e.g. ISO 2700x, PCI-DSS, NIST
- Technical or engineering background, including software development, scripting, networking, and cloud architecture.
Application Closing Date
Method of Application
Interested and qualified candidates should:
Click here to apply online