Risk and Compliance Lead at Samasource

About the Job:The Risk & Compliance Officer is responsible for advocating, monitoring, and enforcing compliance through controls, policies, standards, and procedures. In this role, you will be working with senior leaders within the Global Service Delivery and Trust teams to achieve and maintain government (namely GDPR & CCPA) and industry certifications (namely but not limited to SOC2, ISO 27001, ISO 9001, BCP) required by our clients.

The Risk and Compliance Lead will also be responsible for driving our current compliance efforts, managing the external & internal audit plan, updating existing controls, providing leadership and coaching to all of the Corporation’s departments, managing third-party auditors, maintaining certifications and roadmap to future certification.

Key Responsibilities: 

• Lead, support, coach, and evaluate the performance of a team of auditors within the Compliance unit.
• Work with all business functions to understand the security risks and compliance requirements, develop and maintain the security & compliance roadmap & strategy
• Develop and maintain compliance & security documentation, policies, guidelines, frameworks, standards, and procedures.
• Communicate policies and procedures to stakeholders inside and outside the company.
• Develop and direct the implementation of compliance & security standards, regulations, and best practices for the organization namely but not limited to SOC2, ISO 27001, CCPA, GDPR.
• Oversee global compliance & security awareness strategy and programs fostering a culture where compliance & security is everyone’s responsibility.
• Coach Head of Departments about SOC, CCPA & GDPR compliance program and their assigned controls and recommend improvements to teams for their assigned controls.
• Ensure compliance with critical controls on a regular basis.
• Manage audits by external and internal auditors. This could be audited for client requirements, ISO standards, and any other applicable audit requirements.
• Facilitate with certifications which including, but are not limited to, ISO 9001, BCP, and ISO 27001.
• Partner with Sales and Customer Success teams to close business and ensure customers understand our security posture.
• Respond to requests in a timely manner from the Compliance Trust Services team to meet service level agreement commitments for responding to customer and prospect requests.
• Review compliance and audit-related matters.
• Identifying gaps with controls assigned to Sama teams.
• Determine whether supplied artifact(s) by teams meets SOC, CCPA, ISO & GDPR requirements.
• Support trust in writing Section III of the SOC2 report.
• Lead Enterprise Risk Management processes and framework adherence across Global Service Delivery teams.

Minimum Qualifications

• Bachelors Degree or higher in a relevant field
• 3 – 5 years experience in a global compliance role and or security auditing role
• Experience in project or program management.

Preferred Qualifications

• Certification as ISO Lead auditor for ISO 9001, ISO 27001 & ISO 22301.
• Certification in risk & compliance management is an added advantage
• Projects involving coordinated efforts across large cross-functional teams
• Previous experience with CCPA & GDPR
• Interest and desire to obtain CISSP, CISA, or other globally recognized security, compliance, or audit certifications.

Our Culture:

Sama is quite unique. We are a technology company with a social mission. People that thrive in a high-growth environment, love working on the bleeding edge of technology, and really care about having a positive impact on the world are a great fit for the Sama culture. Our core values are grit, integrity, humanity, and GTD (Get Things Done).

At Sama, we pride ourselves on being a diverse and equal opportunity employer.