About NetApp
NetApp is the intelligent data infrastructure company, turning a world of disruption into opportunity for every customer. No matter the data type, workload or environment, we help our customers identify and realize new business possibilities. And it all starts with our people.
If this sounds like something you want to be part of, NetApp is the place for you. You can help bring new ideas to life, approaching each challenge with fresh eyes. Of course, you won't be doing it alone. At NetApp, we're all about asking for help when we need it, collaborating with others, and partnering across the organization - and beyond.
Global Security Compliance Lead
Cork, IrelandJob Summary
The Global Security Compliance Lead is a key role in ensuring regulatory compliance with CRA and NIS2 regulations within Business Units across NetApp. The Compliance Lead will be responsible for partnering with NetApp Business Units and the SDL team to communicate, verify, and track internal compliance to NetApp policies and standards, industry standard requirements, external certification controls, and customer expected controls. The Compliance Lead will support creating/reviewing documentation, reporting, developing compliance controls, and identifying risks in a system of record.
Job Requirements
• Lead and facilitate control testing discussions related to CRA and NIS2 regulations with senior leaders and communicate status to leaders.
• Work with SDL teams to ensure regulatory compliance through education, training, and control creation.
• Create, review, map, and update cybersecurity controls based on CRA, NIS2, industry standards, and customer expectations.
• Assist the Sales department in the completion of customer questionnaires related to CRA and NIS2 compliance.
• Communicate with other business units and peers to determine appropriate scope and test control statements.
• Collaborate with internal business units and the SDL team to provide evidence and/or information for internal and external audits.
• Collaborate with Global Security and/or other internal business units to collect supporting evidence.
• Identify, plan, track, and coordinate risk remediation according to internal risk frameworks.
• Communicate gaps in processes/compliance requirements with the Global Cybersecurity Assurance Team as necessary.
• Assist in reviewing customer/partner contracts for Information Security requirements related to CRA and NIS2.
• Ensure all Security policy and procedures are documented and updated according to Global Security Standards, deadlines are met, approvals obtained, guidelines followed, repository usage understood, and repository/system of record up-to-date as defined by the Global Cybersecurity Governance program.
• Lead and support industry and customer audits to ensure compliance with CRA, NIS2, and other relevant regulations.
• Prepare and present audit findings to senior management and stakeholders, providing recommendations for improvements.
• Monitor and track audit remediation efforts to ensure timely and effective resolution of identified issues.
Education
• Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred; equivalent combination of education and experience may be substituted in lieu of degree.
Minimum Qualifications
• At least two (2) years of GRC (governance, risk, compliance) experience with methodologies, activities, tools, and enablers in a technology-related industry and five (5) – seven (7) years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required.
• Ability to demonstrate a strong understanding of various compliance and regulatory areas (e.g., CRA, NIS2, GDPR, DFARS/NIST 800-53, ISO27001, and SOC2).
• Experience with cloud hyperscalers (i.e., Amazon, Google, Azure) and compliance requirements in the cloud.
• Excellent written and verbal communication skills.
• Strong analytical and problem-solving skills.
• The ability to work well with people from many different disciplines with varying degrees of technical experience.
• The ability to adapt to a dynamic, rapidly changing business and technical environment.
Preferred Qualifications
• Information security-related training or certifications such as CISSP, CISA, or CRISC.
• Project management experience.
• Experience performing information security audits or risk assessments.
• Familiarity with security audit or risk management processes.
At NetApp, we embrace a hybrid working environment designed to strengthen connection, collaboration, and culture for all employees. This means that most roles will have some level of in-office and/or in-person expectations, which will be shared during the recruitment process.
Equal Opportunity Employer:
NetApp is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all laws that prohibit employment discrimination based on age, race, color, gender, sexual orientation, gender identity, national origin, religion, disability or genetic information, pregnancy, and any protected classification.
Why NetApp?
In a world full of generalists, NetApp is a specialist. No one knows how to elevate the world's biggest clouds like NetApp. We are data-driven and empowered to innovate. Trust, integrity, and teamwork all combine to make a difference for our customers, partners, and communities.
We enable a healthy work-life balance. Our volunteer time off program is best in class, offering employees 40 hours of paid time per year to volunteer with their favourite organizations. We provide comprehensive medical, dental, wellness, and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts. Finally, we provide financial savings programs to help you plan for your future.
If you want to help us build knowledge and solve big problems, let's talk.
Submitting an application
To ensure a streamlined and fair hiring process for all candidates, our team only reviews applications submitted through our company website. This practice allows us to track, assess, and respond to applicants efficiently. Emailing our employees, recruiters, or Human Resources personnel directly will not influence your application.
Related content
Diversity, equity, inclusion, and belonging
We are a collection of diverse people from around the world with our own individual stories. We share the drive to create innovative, world-class products. We're One NetApp, and we find strength in celebrating our individuality.
NetApp Entry Level Careers Program
The NetApp Entry Level Careers Program is designed to help you grow your career, sharpen your skills, and foster meaningful relationships. When you join the Program, you join a diverse, global community where innovative ideas flourish.
Find your ideal job
In a world consistently defined by new expectations, can you quickly adapt for the success of our customers? We reward innovation and problem-solving.
Jobs for you
- Senior Client Executive , United States
- SLED Account Manager NY , United States; New York, New York, United States
- Solution Engineer, Enterprise Sales (Indiana / Ohio Markets) , United States; Columbus, Ohio, United States
Your recently viewed jobs will appear here.
You have no saved jobs. Start browsing jobs here
Recruitment scam warning
When conducting a job search, you’re bombarded with outreach. Here are tips to keep you safe from recruitment fraud.
Stay in touch
Equal Opportunity Employer*
NetApp is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination based on age, race, color, gender, sexual orientation, gender identity, national origin, religion, disability or genetic information, pregnancy, protected veteran status and any other protected classification. We pledge to take every reasonable step to ensure that our applicants and employees are respected, treated fairly and with dignity. See the EEO poster, Know your rights poster, and NetApp EEO policy. NetApp makes reasonable accommodations, consistent with applicable laws, for religious purposes and for the known physical or mental limitations of an otherwise qualified applicant or employee with a disability, who can perform the essential job functions unless undue hardship would result.
State-specific postings/notices to applicants regarding contract compliance can be found here in English and here in Spanish, and fair employment practice information can be found here.
Reasonable accommodation
If you are an applicant with a physical or mental disability requiring an accommodation, or you require a religious accommodation for any part of our application process, please email careers@netapp.com. Each request for reasonable accommodation will be considered on a case-by-case basis, consistent with applicable laws and regulations. Please note, this email address is only for accommodation requests; we do not accept unsolicited resumes.
Data privacy
We care about your privacy and, therefore, ask that you read our Candidate Privacy Notice before you submit any personal information to us.
NetApp does not carry out any solely automated decision making (i.e. the process of making a decision by automated means without any human involvement) in determining your suitability or eligibility for specific roles.
However, the processing of your personal information is carried out with the aid of manual and automated tools. In particular, NetApp may use an automated employment evaluation tool or similar tool as one of several tools, actions, and/or steps to assist with NetApp’s review of candidate applications for various hiring needs. Currently, when addressing certain hiring needs, NetApp uses the Eightfold tool which can provide an initial ranking of a candidate’s skills and experience, based on information provided by the applicant in the application and/or supporting documentation, in comparison to the NetApp designated key requirements of a specific role. Additionally, the tool may be used to help review and/or rank internal employees seeking promotion or other internal mobility. However, our talent acquisition team or our recruiters will ultimately select the candidates for further consideration, following human review of any automated evaluation results and associated underlying documentation (or lack thereof) submitted with the candidates’ application.
An independent audit of the Eightfold Matching Model tool can be found at https://eightfold.ai/nyc-eightfoldmatching-model.
Candidates may request an alternative selection process which will not be subject to the Eightfold matching tool or to any electronic automated employment evaluation by contacting NetApp at careers@netapp.com. To bypass the Eightfold matching tool or any electronic automated employment evaluation, you must include a resume and job ID with your email to careers@netapp.com and you must include in the subject line of your email: Data Privacy Request. Candidates who have questions or want to request additional information on the source of data, type of data, and/or collection of data related to the candidate review process should contact NetApp at careers@netapp.com
Submitting an application
To ensure a streamlined and fair hiring process for all candidates, our team only reviews applications submitted through our company website or to our careers@netapp.com email address as outlined above. This practice allows us to track, assess, and respond to applicants efficiently. Emailing our employees, recruiters, or Human Resources personnel directly will not influence your application.