Beachbody, a billion-dollar company and the leader of in-home fitness programs and nutritional products, is on the lookout for top-notch talent. We’re an equal-opportunity employer who offers competitive compensation and incredible incentive opportunities, not to mention a laid-back office filled with smart, friendly people and positive energy. We also provide free Shakeology, onsite gyms, flexible work hours, and cool product discounts. Are you ready to help us achieve our goal of helping people live healthier, more fulfilling lives? Read on.
Why is the Technology team important to Beachbody?
Beachbody’s technology team is leading the way for new opportunities in the digital realm focusing on health and fitness. They provide consumer-facing eCommerce experiences and high traffic CRM for our Coach network users which are supported by enterprise applications for Beachbody's order processing and fulfillment engine.
What will you be doing at Beachbody as Director, Technology Compliance
- Create and manage an IT compliance and risk assessment framework and regularly assess the regulatory and organizational risk to drive decisions on appropriate risk management responses of mitigation, acceptance or transfer.
- Provide business leadership to the organization to guide the understanding and management of risk, improve regulatory compliance and implement appropriate security technology and process.
- Manage internal and external security regulatory compliance and audit processes.
- Lead strategic planning in balancing business goals and prioritization of risk mitigation initiatives, ultimately driving the technical and process improvement roadmap.
- Manage 3rd party risk process for business partners, affiliates, subsidiaries, and review contracts to ensure appropriate data safeguards are included.
- Partner with internal and external designers, engineers and management to ensure system requirements for applications, data, infrastructure, and cloud services are developed securely.
- Manage the creation and maintenance of a comprehensive education and awareness program.
- Collaborate with leaders across the organization to share solutions and best practices.
- Manage the development of security policies practices and standards.
- Enacted and managed vendor management policy and performance assessment and compliance protocols.
We’d love to chat if you have:
- 10+ years technology compliance and risk management experience.
- BA / BS degree in related field or relevant experience.
- Demonstrated success::
- Recovered from significant risk exposure incident, breach situation, regulatory body audit failure, and/or material weaknesses.
- Balancing frameworks with practical experience and reality that supports business appetite and risk tolerance.
- Rollout ITGC practices with education and adoption across technology personnel with successful audit trends.
- Winning over peers, leaders and other stakeholders to become believers in what’s needed to achieve and maintain compliance standards.
- Proven track record and experience in developing and maintaining information security policy, standards and guidelines.
- Experience with PCI compliance and related process and operations Diverse technical background in Security and Risk Management combined with significant organizational and industry awareness and knowledge.
- Experience managing multiple projects of diverse scope and effectively collaborating in a cross-functional team environment.
- Experience with security industry standards (ISO 27001, NIST Cybersecurity Framework, PCI).
- Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry/Data Security Standard Personally Identifiable Information (PII), and General Data Protection Regulation (GDPR).
- Preferred Qualifications: IT security certifications (CISSP, CISM, CISA, GIAC, CEH or similar).
- Exceptional influencing and delivery abilities without a reporting structure.
- Excellent organizational, technical writing, oral and interpersonal communication skills, and keen attention to detail.
- Strong ability to prioritize and handle multiple initiatives in parallel as well as changing priorities.
To all recruitment agencies: Beachbody does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias, Beachbody employees, or any other company location. Beachbody is not responsible for any fees related to unsolicited resumes.