Job Description

• Bangalore, India; Hyderabad, India;

Your opportunity

New Relic is seeking a GRC Administration Manager to join our global Compliance team. This role will ensure that New Relic is conducting its business in full compliance with all applicable laws and regulations. Specifically, the manager will help the U.S. team maintain momentum and velocity on all required compliance responsibilities. The manager will have an opportunity to oversee a small group of two individuals supporting the U.S. team in matters of RFP/RFI and third-party supply chain risk management. From time to time, the manager will use their knowledge and expertise in Security and Compliance GRC to assist with our annual audit cycles and other related GRC administrative functions. Most of all, the manager will be a key relationship builder between cross-functional teams globally that closely interact with the Compliance team. 

What you'll do

• Oversee a small team of Information Security Engineers
• Support US based team in security risk management of regulatory compliance frameworks such as SOC 2, SOX, HITRUST, HIPAA, FedRAMP and PCI-DSS. 
• Support all facets of integrated security governance, risk, and compliance management. 
• Conduct risk assessments to identify potential risks and vulnerabilities across third-party vendors. 
• Support GTM requests for information on New Relic’s security practices and frameworks. 
• Perform GRC tasks such as audit evidence collection, policy management life cycle, control evaluation and control testing, mapping findings to risks and socializing results. 
• Support development of automation that minimizes GRC operational overhead. 
• Develop and maintain strong working relationships with key stakeholders, technology leaders, and internal technology control and process owners.

This role requires

• Knowledge of or experience working with, Cloud technologies/environments, AWS, Azure, GCP, IBM or other related cloud experience is required.
• A minimum of 2 years in a managerial role (certain supplemental technology experience is acceptable, such as cyber security, networking, sys administration, development, etc.).
• Strong critical thinking, analytical and organizational skills, along with strong verbal and written communication skills, including ability to write clear and concise audit recommendations and reports, and negotiations skills.
• You have built productive relationships with stakeholders, including Technical Operations, Security Operations, Technical Compliance, etc..
• Familiarity and applied working knowledge of IT controls and governance frameworks, such as NIST CSF, COBIT, ISO 27001.
• An ability to multitask and manage multiple audit projects at different stages, from planning through fieldwork, reporting, and audit closure.

Bonus points if you have

• Knowledge of or experience working with Agile methodology and GRC tools 
• A bachelor's degree in a technology discipline (Computer Science, Information Systems Management, Cyber Security, etc.) and/or certifications (e.g., CRISC, CISSP, CCIE, CISM, CISA, CCSK)
• 5 to 7 years of technology audit in Big Four and/or Internal Audit