Staff GRC Engineering Specialist

With electric vehicles expected to be nearly 30% of new vehicle sales by 2025 and more than 50% by 2040, electric mobility is becoming a reality. ChargePoint (NYSE: CHPT) is at the center of this revolution, powering one of the world’s leading EV charging networks and a comprehensive set of hardware, software and mobile solutions for every charging need across North America and Europe. We bring together drivers, businesses, automakers, policymakers, utilities and other stakeholders to make e-mobility a global reality. Since our founding in 2007, ChargePoint has focused solely on making the transition to electric easy for businesses, fleets and drivers. ChargePoint offers a once-in-a-lifetime opportunity to create an all-electric future and a trillion-dollar market. Join the team that is building the EV charging industry and make your mark on how people and goods will get everywhere they need to go, in any context, for generations to come. Discover what it’s like to help build the fueling network of the future - check out our Engineering Blog.

Senior Manager, Security Risk and Compliance

ChargePoint is looking for a GRC Engineering Specialist, who will enhance ITGCs and automate processes for efficient and mature Governance, Risk and Compliance program, while maintaining compliance with SOX and other standards such as ISO 27001, SOC 2, PCI, and FedRamp. GRC Engineering Specialist will own the ITGC SOX program as part of second line of defense, oversee enhancement of tools and automations to streamline controls and compliance efforts across the frameworks, and champion automation efforts for security risk management including risk assessing, remediating and reporting for leadership, vendor onboarding security assessments, and customer/prospect security reviews.

This will be an amazing opportunity to continue building our GRC program while adding innovation and streamlining compliance efforts. The individual will possess deep IT and Information Security audit, compliance and risk management knowledge and use of AI, and automated tools and techniques to build into projects and assessments.

• Introduce innovative, differentiating capabilities that enhance our overall GRC program and align risk strategies with business priorities. Champion common control framework approach.
• Enhance internal processes, policies and programs by incorporating AI or other automation to streamline compliance efforts while ensuring compliance requirements are maintained
• Provide leadership to internal functions in the application, maintenance and improvement of access management, change management and operational systems, procedures and department specific processes for both current and future IT systems that come into scope
• Establish credibility and maintain a strong working relationship with key stakeholders across the business, internal and external auditors to understand their current and planned activities that impact ITGC SOX, ISO 27001, SOC 2, PCI, and FedRamp
• Partner with control owners and operators to validate the completeness and accuracy of ITGC control execution, ensuring ITGC’s are designed, ChargePoint documentation and teams are audit-ready, and controls executed and monitored effectively.
• Oversee IT SOX compliance activities, including annual planning, scoping, and collaborating with auditors for the same, walk-throughs and receipt of control evidence
• Build reporting to track and monitor overall Compliance, Risk Management and other security project status as needed for monthly and quarterly reporting to senior management

Qualifications

• Bachelor’s degree in general business, Information Systems, Engineering, Science or a related field and with a minimum of 5 years’ relevant experience.
• 8+ years of audit and project management experience leading ITGC SOX, SOC 1/2/3, or IT Internal Audit activities and programs to support compliance efforts
• Good knowledge of Sarbanes-Oxley, COBIT, ISO 27001, SOC 2, NIST 800-53, PCI DSS, commonalities across frameworks and standards
• Solution-oriented mindset and risk-based approach to identifying, evaluating and addressing critical compliance risks, operational technology risks and the relevant business and governance processes
• Experience working with and managing both internal and external auditors
• Familiarity with SAAS-based applications, such as NetSuite, Workday, Salesforce, Github, and infrastructure providers – AWS, Google Cloud from IT controls perspective and ability to understand in-house developed systems and CI/CD development processes
• Good written and verbal communication skills with the ability to influence broad range of stakeholders (Engineering, IT, Legal, Auditors, Product, Finance, etc.) and report policy and compliance results and risks
• Excellent organizational skills

Location
Remote or India - We are committed to an inclusive and diverse team. ChargePoint is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status. If there is a match between your experiences/skills and the Company needs, we will contact you directly. ChargePoint is an equal opportunity employer.
 Applicants only - Recruiting agencies do not contact.