ITCG Project Manager

Klaviyo Inc., City of Westminster

ITCG Project Manager

Salary not available. View on company website.

Klaviyo Inc., City of Westminster

  • Full time
  • Permanent
  • Onsite working

Posted 1 week ago, 13 Dec | Get your application in now before you miss out!

Closing date: Closing date not specified

job Ref: 336d63ea4ae545b0819a4fd71a5111ed

Full Job Description

An exciting opportunity within the Global CISO Strategy (GCS) team whose mission is to ensure the safety and security of Klaviyos and our customers as well as deliver reliable IT services, infrastructure, solutions and expert guidance. This is achieved by providing a robust and secure technology foundation to do great work. We solve problems using technology, embrace automation, and support Klaviyo's continued scalability and sustainable employee growth in a rapidly evolving environment. The GCS team assists in developing and refining information security and IT strategy, driving organizational change, coordinating cross-functional projects, and strategically aligning global information security and IT initiatives with the broader Chief Information Security Officer (CISO) vision. The GCS team is highly collaborative and cross-functional, working closely within the Global Security Services (GSS) team, the Global Technology Solutions (GTS) team and the broader Klaviyo organization. About the role: As an ITGC Project Manager, you'll work closely with the various GSS & GTS teams from the CISO function and a wide variety of engineering, business operations and internal audit teams all under the leadership of the Senior Program Manager on the Global CISO Strategy team. You'll be primarily focused on managing projects for Klaviyo's ITGC and SOX (Sarbanes-Oxley Act) compliance as well as other information security frameworks. You'll ensure that projects are coordinated, delivered on time, and communicated well. Additionally, you will play an integral part in recommending process improvements and in helping implement those updates. This role will require a deep understanding of SOX, ITGCs, and information security best practices, as well as experience in working with engineering, technology and business teams. How you'll have an impact:

  • Design, implement, monitor, and maintain SOX ITGC controls, with engineering, business partners, CISO Function and Internal Audit
  • Coordinate large-scale SOX ITGC projects (i.e. scope expansion), define success, dependencies and ensure timely delivery
  • Provide project management and facilitate control requirements planning, progress tracking, communication, and reporting
  • Identify, assess, and advise on information security risks, processes and controls to a variety of partners
  • Perform risk analysis, develop contingency plans, and gather data from teams to proactively raise critical issues with key stakeholders for prioritization and tradeoff decisions
  • Ensure all documentation and status materials for key meetings are compiled, aggregated, and completed in a timely fashion and remain well-maintained
  • Establish and monitor plans to ensure the realization of goals and continuous improvements
  • Build relationships with internal stakeholders

    5+ years of experience either auditing or in-house at a SaaS technology company implementing ITGC and SOX related controls such as Access Management, Change Management SOC1 Type 2 and security frameworks e.g. SOC 2 Type II, ISO27001, NIST CSF, etc.)
  • Experienced in designing and interpreting remediation plans to control owners and ensure that audit issues are remediated and tracked timely
  • Experience scoping, organizing, planning, and successfully managing strategic and tactical security projects
  • Experience of leading cross-functional projects with clearly defined plans and objectives within a matrix environment
  • You are a good communicator with strong interpersonal skills who can balance persuasiveness with active listening of diverse perspectives to achieve positive results
  • You've got strong organizational, problem-solving, presentation, facilitation and follow-through skills
  • You demonstrate the use of project management techniques and tools
  • Ability to work with virtual teams to improve their technology and security practices
  • Nice to have:
  • Experience in the technology or financial services industry is preferred
  • Experience with Netsuite, Coupa, Github, Workday, Salesforce, Freshservice, Fidelity, Navan, Stripe and AWS
  • CISA, CISM, CISSP or other related security certifications is a plus
  • Certifications in project management and/or IT/Security frameworks (e.g. Project Management Professional (PMP), Prince2, ITIL, COBIT, ISO27001)
  • Knowledge of privacy legislations and regulations such as GDPR, CCPA, and PDPA
  • Experience in information security practices in cloud infrastructure, hosting and platforms

Relevant jobs