Corel is all about breaking convention to achieve exceptional things. We’re the people behind the world’s leading software and we’re obsessed with finding new ways to harness the creativity of our customers and our employees. We’re a talented, eclectic, and eccentric group that makes coming to work every day worth your while. This is not your typical tech team. We also have a healthy respect for work-life balance – so you can leave work at work.
We’re looking for a senior analyst or manager in the field of Governance, Risk, and Compliance (GRC) to bring our security practices to the next level.
You will report to our Global Business Operations and lead the company to achieve SOC 2 Type 2, ISO 27001, and other relevant industry compliance certifications. Additionally, you will help with GDPR compliance, improve security best practices among the engineering and research teams, and improve security knowledge within the company.
- Work with the IT and engineering teams to ensure that Common Vulnerabilities and Exposures (CVEs) are resolved promptly by engineering
- Create, track, and report GRC metrics to the leadership team
- Develop roadmaps for, and achieve, compliance of Corel-hosted products with SOC 2 Type 2, ISO 27001, and others
- Own the documentation for standards, policies, and processes for sales collateral and internal distribution
- Manage audits and assessments with internal and external stakeholders
- Handle compliance and audit requests in conformance with GDPR for EU customers and employees
- Serve as the IT compliance subject matter expert to the business
- 3+ years of program/project management experience
- 3+ years of information security experience
- Extensive knowledge of GRC best practices for SaaS organizations
- Successful delivery of compliance for a SaaS product to one or more security standards (SOC 2, ISO 27001, and NIST 800, for example)
- Familiarity with security standards and US and EU privacy laws (HIPAA, CCPA and GDPR)
- Experience delivering on multi-stakeholder projects
- Familiarity with SaaS architectures, software development, and deployment to cloud providers
- GRCA and GRCP certification
- CDPSE Certification is required
- CISA and CISM certifications are required
- CISM is preferred
- ITIL knowledge
Corel products enable millions of connected knowledge workers around the world to do great work faster. Offering some of the industry's best-known software brands, we give individuals and teams the power to create, collaborate, and deliver impressive results. Our success is driven by an unwavering commitment to deliver a broad portfolio of innovative applications – including CorelDRAW®, MindManager®, Parallels®, and WinZip® – to inspire users and help them achieve their goals.
It is the policy and practice of the Company to offer equal employment opportunities to all qualified applicants and employees without regard to race, color, age, religion, national origin, sex, political affiliation, sexual orientation, marital status, disability, veteran status, genetics, or any other protected characteristic.