Principal Risk and Compliance Manager

Working at Atlassian
Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company.
Role
This position will report to the Head of Compliance Risk for the India team and join our growing team within Governance, Risk and Compliance. The team is responsible for compliance, enterprise risk management and business resilience. The Product Compliance team coordinates and guides efforts related to Atlassian cloud compliance (SOC 2, ISO 27001/27018, HIPAA, PCI and C5) and sits within the Trust organisation. You will collaborate with technical leads and subject matter experts to analyse processes, business models, and controls to discover and translate risks, and provide mitigating recommendations to the leadership team. You will drive continuous process improvement, and collaborate with business and technology teams, both internally and externally to implement new solutions.

• Design and implement controls and mitigation plans, and lead aspects of their implementation
• Facilitate reporting on findings, mitigation plans, and controls performance
• Work with senior management to create their compliance strategy and improve their controls portfolio
• Identify areas of improvement in facilitating audits with customers to refine the process and respond to customer inquiries promptly
• Formalise and lead improvements of GRC function operations - processes, metrics, reporting, and analytics
• Provide regular status updates ensuring everyone is aware of progress and road-blockers
• Work with product and functional teams to understand and respond to their compliance and assurance needs and concerns
• Manage compliance related programs including the performance of gap assessments for new compliance frameworks
• Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation
• Seek opportunities to improve processes and collaboration to increase team output and team health
• Perform regular risk assessments for your business function
• Prepare annual audit plans, develop audit direction, and align with stakeholders on audit timetables
• Develop timeline for internal readiness assessment activities and obtain alignment from all stakeholders
• Maintain comprehensive documentation of controls, testing procedures, and evidence to support compliance efforts
• Work closely with internal stakeholders, including product and functional teams, to address architectural, infrastructure, or new services that impact compliance
• Identify opportunities for process improvements and implement best practices to enhance the efficiency and effectiveness of the readiness testing process
• Develop controls and mitigation plans, and lead aspects of their implementation
• Work with senior management to improve their controls portfolio
• Provide regular status updates ensuring everyone is aware of progress and road-blockers
• Promote effective teamwork, collaboration, and commitment across the Product Compliance team and the broader organisation
• Seek opportunities to improve processes and collaboration to increase team output and team health

• Minimum 8+ years of management experience in IT audit, compliance, or a related field
• Experience with SOC 2, ISO 27001/27018, HIPAA, PCI, C5 and GDPR frameworks and requirements
• Familiarity with compliance frameworks and standards such as NIST 800-53
• Experience with the software development business for cloud service providers
• Experience with Technology Risk Management, Compliance and Information Security
• Experience with control and risk frameworks, performing compliance and risk assessments, creating controls and overseeing mitigation projects
• Experience with translating compliance requirements to engineering and product teams
• Experience with determining scope, timeline creation, complex project tracking, risk management, and process improvement
• Familiarity with Jira and Confluence
• Relevant certifications such as CISM, CISA, CISSP, or ISO 27001 Lead Auditor are highly desirable

Our perks & benefits
Atlassian offers a variety of perks and benefits to support you, your family and to help you engage with your local community. Our offerings include health coverage, paid volunteer days, wellness resources, and so much more. Visit go.atlassian.com/perksandbenefits to learn more.
About Atlassian
At Atlassian, we're motivated by a common goal: to unleash the potential of every team. Our software products help teams all over the planet and our solutions are designed for all types of work. Team collaboration through our tools makes what may be impossible alone, possible together.
We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.
To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team during your conversation with them.
To learn more about our culture and hiring process, visit go.atlassian.com/crh .