Senior Security & Compliance Consultant

London, United Kingdom
Security – Security
Full-Time
8x8, Inc. (NYSE:EGHT) communication solutions help businesses transform their customer and employee experience.  With one system of engagement for cloud voice, video, collaboration and contact center and one system of intelligence on one cloud communications platform, businesses can now communicate faster and smarter to exceed the speed of customer expectations. For additional information, visit www.8x8.com, or follow 8x8 on LinkedIn, Twitter, and Facebook.

Reporting to the 8x8 Head of Global Security, Compliance and Fraud, this 8x8 Senior Security and Compliance Professional will be responsible for working with numerous groups within 8x8 to ensure we're compliant with HIPAA, NIST 800-53 Rev. 4/FISMA and/or FedRAMP, ISO 27001:2013, PCI-DSS v3.2, the IT side of SOX, SOC II and/or SSAE 18 and FCC CPNI regulatory compliance standards. This will include working with our 8x8 DPO, GC and Global legal team to assist with the technical side of GDPR, California’s upcoming AB-375 and other global data privacy regulatory requirements. They will also be responsible for providing security and compliance assurance support to 8x8 Sales, Reseller Partners and our customers. This will include handling customer security and compliance inquiries, direct meetings with customer security and compliance teams and completing our customer compliance questionnaires and other requests. It will also include working with our 8x8 legal team on customer contract negotiations, plus working with our 8x8 business teams and 8x8 legal to ensure all 8x8 3rd party vendors meet our minimum security and compliance standards, and then helping negotiate contracts with these 3rd parties to ensure that these security and compliance requirements are agreed to legally. Responsibilities will also include working with DevOps and product management and our 8x8 AppSec team to ensure that 8x8 applications and global infrastructure meet all major regulatory requirements. Work will be done primarily at the 8x8 offices in London and Aylesbury. However, there will be occasional trips to Cluj, Romania, and once or twice a year to San Jose, CA, USA.
 
RESPONSIBILITIES
Responsible for working with DevOps, product management and other 8x8 groups to ensure 8x8 is compliant with HIPAA, NIST 800-53 Rev. 4/FISMA and/or FedRAMP, ISO 27001:2013, PCI-DSS v3.2, the IT side of SOX, SOC II and/or SSAE 18 and FCC CPNI regulatory compliance standards.
Extensive experience with HIPAA, including Business Associate Agreements
Extensive experience with NIST 800-53 FISMA or FedRAMP
Responsible for working with our 8x8 DPO, GC and Global legal team to assist with the design, implementation and governance of the technical side of GDPR, California’s upcoming AB-375 and other global data privacy regulatory requirements
Responsible for providing security and compliance assurance support to 8x8 Sales, Reseller Partners and our customers. This will include handling customer security and compliance inquiries, direct meetings with customer security and compliance teams and filling out our customer compliance questionnaires and other requests.
Responsible for working with our 8x8 legal team on customer contract negotiations.
Responsible for working with our 8x8 business teams and 8x8 legal to ensure all 8x8 3rd party vendors meet our minimum security and compliance standards and then help negotiate contracts with these 3rd parties to ensure that these security and compliance requirements are agreed to legally
Responsible for working with DevOps and product management and our 8x8 AppSec team to ensure that 8x8 applications and global infrastructure meet all major regulatory requirements
In conjunction with our 8x8 AppSec team, work with 8x8 strategy and planning in designing future architectures that enable 8x8 to meet its present and anticipated future security and regulatory compliance law goals
In conjunction with our 8x8 AppSec team, work with 8x8 product and marketing, product management and other 8x8 groups to ensure our products and solutions are engineered to enable them to meet regulatory compliance law requirements.


QUALIFICATIONS
Relevant degree preferred
Extensive enterprise level compliance responsibility experience
Track record in enterprise security
Preferred certifications including CISSP, CISM, CISA and other certifications
Excellent communication and interpersonal skills
Extensive experience with US IT SOX compliance, HIPAA, NIST 800-53 rev. 4, ISO 27001:2013, PCI-DSS v3.2, Global Data Privacy and other regulatory requirements.
Strong organizational and problem-solving skills
Ability to work independently as well as in a team environment
Flexible schedule to accommodate 10% travel and working across time zones
8x8 is proud to provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.

For 8x8 jobs located in the US: 8x8 participates in the E-Verify program.
View the Participant Poster in English | Español.
View the Right to Work Poster in English | Español.

We also provide reasonable accommodation to individuals with disabilities in accordance with applicable laws.  Learn more or email us at careers@8x8.com (Include “Reasonable Accommodation” in the subject line)

For European Job Applicants our Job Applicant Privacy Notice can be found here.