About the position:

Principal Compliance Program Manager - GRC Global Federal (APJ - ISMAP and IRAP)

Job Overview

As a Compliance Analyst for the Asia-Pacific & Japan (APJ) region, you will play a pivotal role in scaling the organization by leading supporting the Global Federal Public Sector APJ Asia Pacific Region Compliance program. Operating as a key member of the Global Information Security (GIS) team, you will lead the effort to ensure adherence to international and regional regulatory frameworks, specifically managing the  cloud certifications such as Japan’s ISMAP and Australia’s IRAP alongside other regional standards. You will collaborate with business stakeholders to drive Global Federal GRC activities, administer GRC solutions, and assist in the management of the Information Security Management System (ISMS). This position is critical to achieving our compliance objectives and maturing our controls and overall Information Security program.

Job Responsibilities:

• Prepare and lead Netskope to obtain and maintain Information system Security Management and Assessment Program (ISMAP) government certification/registration for the Japanese Market, including maintaining ongoing compliance for the InfoSec Registered Assessors Program (IRAP) for the Australian Market.
• Create and drive the compliance roadmap for APJ, including ISMAP and IRAP, along with future compliance certifications to support the business.
• Be the GRC primary interface with the Netskope APJ Sales team, communicating status of the compliance program and communicating all requirements from Sales to GRC Leadership.
• Lead the cCoordination and e and support the audit of the Netskope cloud platform with relation to the above certifications, serving as the primary Netskope champion to external auditors,  and leading evidence gathering and validation, and meeting with both internal and external stakeholders as needed.
• Reviewing, writing, and finalizing the ISMAP control mapping
• Conduct targeted testing of systems and processes to validate alignment with ISMAP controls and work with teams to remediate deficiencies.
• Lead the coordination , collection and analysis of evidenceofanalyzeaAnalyaiaze evidence collected and determine whether evidence meets program requirements.
• Educate internal stakeholders on program control requirements, translating control requirements into business requirements.
• Perform the role as the primary in-country contact and liaison with Japan Independent Administrative Agency Information-technology Promotion Agency (IPA) on all matters related to the ISMAP registration and ongoing compliance
• Build and maintain healthy business relationships with external auditors and have the conviction to respectfully challenge control interpretations and be able to speak confidently to compensating controls, where warranted. 
• Assemble, submit, and maintain program packages, including the application (Declaration Document), control responses, audit attestation and report
• Optimize the audit process, directly increasing readiness and efficiency both for the GRC team and cross-functional control owners.
• Strengthen and foster key stakeholder alignment by improving the way the GRC Team engages with cross-functional partners, reducing friction in the audit cycle.
• Where required properly scope and select compliance program control objectives to align with ...