The Splunk Security Trust Office is looking for a dynamic team member to play a pivotal role in our Governance team. Our focus is on leveraging best practices to extend our security program into the enterprise. We work hard, have fun, and are extremely passionate about security.
The successful candidate will research, write, and manage complete, accurate, and executable security policies and standards. They will oversee the dissemination and implementation of policies to the enterprise and maintain historical records/archives of policy documents through an electronic policy management platform. The individual is expected to collaborate with stakeholders, technology owners, and leadership teams.
- Documents and reviews new or revised policies, procedures, processes and/or related documents in support of business processes execution and in alignment with regulatory guidelines.
- Supports organizations across the enterprise with developing and publishing new and revised policies, standards, and operating procedures.
- Implement and ensure adoption of documented requirements.
- Update, enhance, and manage document library on schedule and with proper approval.
- Act as subject matter expert for all content owners, including supporting control objectives.
- Assist in identifying improvements to the processes for creating, publishing and maintaining documentation.
- Participate in the conversion of existing documentation to alternative delivery media.
- Apply relevant quality, regulatory standards, and best practices for readability.
- Review, edit, and enhance existing documentation or content of policy and standards, communications, webpages and other delivery media.
- Understands impact of regulatory developments and compliance guidelines on standards and processes, interprets and applies within policy and procedure documentation.
- Audits adherence to identify areas requiring clarification, emphasis or risk acceptance.
- Interfaces with management and staff to determine appropriate policy, procedure, and methods requirements.
- Performs research and review documents to identify gaps in documentation.
- Identifies, documents, and gathers related metrics and prepares reports as requested.
- Analyzes effectiveness of documentation and recommend improvement opportunities to management.
- 7+ years professional experience in a GRC role
- 5+ years writing or maintaining policies procedures & standards
- Experience in writing business documentation such as policies & procedures, and/or training documentation.
- Extensive experience with industry standard frameworks such as NIST, ISO, CIS, or PCI
- Ability to interact with dirverse stakeholders to resolve outstanding issues and proactively identify ways to enhance the end-user experience
- Ability to prioritize enhancements, manage workload and effectively multi-task
- Ability to perform comfortably in a fast-paced, deadline-oriented work environment.
- Ability to collaborate as a team member and deliver results.
- Ability to process information with high levels of accuracy.
Excellent organizational, written, and verbal communication skills.
- Willing to explain technical concepts and subject matters to others