GRC Director, Cyber Security
Job Description
About Rokt
Rokt is the global leader in ecommerce technology, helping companies seize the full potential of every transaction moment to grow revenue and acquire new customers at scale. Live Nation, AMC Theatres, PayPal, Uber, Hulu, Staples, Lands' End, and HelloFresh are among the more than 2,500 leading global businesses and advertisers that use Rokt's solutions to drive more value through every transaction by offering highly relevant messages to their customers at the moment they are most likely to convert.
With our December 2022 secondary transaction, Rokt's valuation increased to $2.4 Billion. We are expanding rapidly and globally - operating in 14 countries across North America, Europe and the Asia-Pacific region with the largest office in NYC and a major R&D hub in Sydney. With 50% annual growth and a vibrant company culture, Rokt has been listed in "Great Places to Work" in the US and Australia. Our award-winning culture is guided by our eight core values: smart with humility, own the outcomes, force for good, conquer new frontiers, enjoy the ride, raise the bar, communicate with impact, and disagree then commit. These values help us attract, engage, and develop the right talent around the globe and ensure we foster an environment that helps us all do our best work. Keen to join a fast-growing company and a vibrant culture? Learn more at rokt.com.
The Rokt engineering team builds best-in-class ecommerce technology that provides personalized and relevant experiences for customers globally and empowers marketers with sophisticated, AI-driven tooling to better understand consumers. Our bespoke platform handles millions of transactions per day and considers billions of data points which give engineers the opportunity to build technology at scale, collaborate across teams and gain exposure to a wide range of technology. We are expanding rapidly in our major R&D centers in NYC and Sydney. We are passionate about using intelligent systems to improve the transaction moment for retailers everywhere. Come join us and build the future!
Requirements
About the role
You will be reporting to the CISO and leading the creation of a new GRC capability in our NYC office. We have an established GRC Program based in Sydney. We are looking to leverage our existing paradigms and create a GRC presence in NYC.
We are looking for a candidate passionate about cyber security and with relevant experience in Governance, Risk & Compliance to support and continuously improve our security and privacy program. Rokt's information security management system is ISO 27001 and SOC 2 certified; it protects personal customer data, entrusted to us by our clients who are leading global e-commerce brands with a combined 100 million transactions each month.
You will be embedded into a team of cyber security specialists and leverage their expertise to implement required controls and measure their effectiveness. It is your mission to work closely with product, engineering, legal, finance, people, and other business units to regularly audit compliance across the business.
Security is a business enabler and you are passionate about designing and implementing frictionless processes to support Rokt's compliance program. Moving fast is your preferred modus operandi and you embrace significant improvements over small iterations.
Responsibilities
- Help to implement and automate security frameworks and controls throughout our environment
- Drive continuous improvement of our cyber security program by challenging its status quo, identifying areas of cyber risk and improvements, and following industry best practices
- Support our internal auditing program
- Drive preparation for external compliance audits and control evidence collection
- Contribute to regular risk assessments and manage our risk treatment plan
- Support Rokt's third-party risk management program by performing risk and security assessments for new and existing vendors
- Maintain a set of performance metrics to measure control effectiveness and inform strategic decisions
- Produce and maintain quality process and standard operating procedure documentation
- Manage the processing of client security questionnaires to support client onboarding
- Coordinate Rokt's information security calendar events such as regular penetration tests, auditing activities, reviews, etc.
- Promote a security awareness culture by keeping our training materials up to date and running occasional sessions on selected topics
Requirements
- 4+ years of relevant experience in supporting Governance, Risk & Compliance programs
- Passion for cyber security as a business enabler in a fast-paced environment
- Working knowledge in security frameworks like ISO 27000 family, SOC 2, PCI-DSS, CIS, NIST, etc.
- Internal auditing capabilities against ISO 27001 and SOC 2 are desirable
- Demonstrated ability to break down complex compliance requirements, and design and implement scalable processes that won't slow down the business
- Experience in compliance metrics reporting with attention to detail and focus on outcomes
- Natural affinity to documentation creation and maintenance
- Strong verbal and written communication skills and stakeholder management experience with an ability to translate security and technical information into clear business language
Benefits
- Work with the greatest talent in town. Our recruiting process is tough. We hold a high bar because we have a high-performing, high-velocity culture - we only want the brightest and the best.
- Join a community. We believe the best things happen when we come together to solve complex problems and make meaningful connections with each other through interest groups, sports clubs, and social events.
- Accelerate your career. Develop through our global training events, "Level Up" investment, online training courses, and our fantastic people leaders. Take your career to Rokt'speed - Grow your career in our rapidly growing company.
- Take a break. When you work hard, we know you also need to rest. We offer generous time off and parental leave policies, as well as mental health and wellness days for all employees. We also offer a paid Rokt'star Sabbatical for employees who have been with us for 3 years or more.
- Stay happy and healthy. Enjoy catered lunch 3 times a week and healthy snacks in the office. Plus join the gym on us! Rokt offers a monthly allowance to use on a gym membership or online fitness classes. We also provide all Rokt'stars access to free 1:1 coaching, therapy and digital mental wellness resources
- Become a shareholder. All Rokt'stars have stock options. If we succeed, everyone enjoys the upside.
- See the world! Along with our global all-staff events in amazing locations (Phuket, Thailand in January 2020, Hawaii in May 2022), we also offer generous relocation packages for those interested in moving to another Rokt office. We have cool offices in great cities - New York, Sydney, London, Singapore, and Tokyo.
- Get the best of both worlds with a hybrid workplace. We currently work 3 days a week in the office, allowing you to enjoy the best of both worlds (please note: this is subject to change based on the needs of the business and some support roles still require a full-time presence). One week per quarter, you also have the flexibility to work from anywhere.
- We believe in equality. Rokt is an Equal Opportunity Employer and recognises that a diverse workforce is crucial to our success as a business. We would love you to apply for one of our open roles - irrespective of socio-economic status or background, age, gender identity, race, religion, sexual orientation, colour, pregnancy, carer/family responsibilities, national and social origin, political opinion, marital, veteran, or disability status.
Salary range: $185,000 - $230,000 + equity
Date Posted: 06/14/2023