#15930
nd subject matter experts to analyse processes, business models, and controls to discover and translate risks, and provide mitigating recommendations to the leadership team. You will drive continuous process improvement, and collaborate with business and technology teams, both internally and externally to implement new solutions.
What you'll do
Perform design and operating effectiveness testing on controls to ensure compliance with SOC 2, ISO 27001/27018, C5 and HIPAA Security standards
Collaborate with control owners to review the design and effectiveness of controls, ensuring they meet certification requirements
Identify any gaps in compliance and work with relevant teams to remediate findings before the external audit
Maintain comprehensive documentation of controls, testing procedures, and evidence to support compliance efforts
Work closely with internal stakeholders, including product and functional teams, to address architectural, infrastructure, or new services that impact compliance
Assist in preparing for external audits by ensuring all necessary documentation and evidence are in place and up to date
Assess and document the impact of control gaps in SOC reports of critical third party suppliers. Identify compensating controls and follow up with business owners
Perform design and operating effectiveness testing on predefined Privacy controls to ensure compliance with GDPR
Manage and coordinate external audit activity for SOC 2, ISO 27001/27018, HIPAA, PCI and C5 external audits - maintain a project plan, schedule necessary walkthroughs, and act as single point of contact for audit requests
Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of the readiness testing process
Develop controls and mitigation plans, and lead aspects of their implementation
Work with senior management to improve their controls portfolio
Provide regular status updates ensuring everyone is aware of progress and road-blockers
Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation
Seek opportunities to improve processes and collaboration to increase team output and team health
Your background
Minimum 5-7 years of experience in IT audit, compliance, or a related field
Experience with SOC 2, ISO 27001/27018, HIPAA, PCI, C5 and GDPR frameworks and requirements
Familiarity with compliance frameworks and standards such as NIST 800-53
Experience with the software development business for cloud service providers
Experience with Technology Risk Management, Compliance and Information Security
Experience with control and risk frameworks, performing compliance and risk assessments, creating controls and overseeing mitigation projects
Experience with translating compliance requirements to engineering and product teams
Experience with determining scope, timeline creation, complex project tracking, risk management, and process improvement
Familiarity with Jira and Confluence
Relevant certifications such as CISA, CISSP, or ISO 27001 Lead Auditor are highly desirable
Our perks & benefits
Atlassian offers a variety of perks and benefits to support you, your family and to help you engage with your local community. Our offerings include health coverage, paid volunteer days, wellness resources, and so much more. Visit go.atlassian.com/perksandbenefitsto learn more.
About Atlassian
At Atlassian, we're motivated by a common goal: to unleash the potential of every team. Our software products help teams all over the planet and our solutions are designed for all types of work. Team collaboration through our tools makes what may be impossible alone, possible together.
We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.
To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team during your conversation with them.
To learn more about our culture and hiring process, visit go.atlassian.com/crh.