Internal Compliance Manager

Job Description

Job Description

Prime Data Centers develops, acquires, and operates data centers for some of the world's largest enterprises. A private firm owned by a group controlling $6 billion in assets, with a 15-year tenure in technology and real estate development, Prime provides customers with ownership options and dynamic leasing models, defining a true corporate partnership. www.primedatacenters.com

Reports To : Director IT and Cybersecurity

Location : Remote / Hybrid

Travel : 10-15%

The Internal Compliance Manager is responsible for managing and ensuring the data center’s adherence to regulatory standards and compliance frameworks, including ISO 27001, PCI / DSS, HIPAA, and SOC 2 Type 2. This role will involve designing, implementing, and maintaining compliance programs, conducting internal audits, and collaborating with cross-functional teams to uphold the security and regulatory integrity of the company’s data storage and processing services. The Internal Compliance Manager will ensure that the company consistently meets industry standards and regulatory obligations, with a special focus on data protection, security, and privacy.

Key Responsibilities :

Compliance Program Management :

Develop, implement, and oversee a robust compliance program tailored to the needs of a data center company.

• Ensure that compliance policies and procedures align with ISO 27001, PCI / DSS, HIPAA, and SOC 2 Type 2 standards.
• Monitor and continuously improve compliance processes to meet evolving regulatory and industry standards.

​​​​​​​Audit and Risk Management :

Plan and conduct internal audits and gap assessments to verify adherence to ISO 27001, PCI / DSS, HIPAA, and SOC 2 Type 2 requirements.

Collaborate with internal teams to assess data protection and security risks; design and implement mitigation strategies.

Lead external audits and certification processes, ensuring the company maintains compliance with relevant standards.

Data Protection and Privacy :

Implement and maintain privacy and security programs to protect sensitive information in line with HIPAA, PCI / DSS, and data protection regulations.

Act as the point of contact for data breach response and incident management, ensuring timely and appropriate handling of incidents.

Training and Awareness :

Develop and conduct training programs to educate staff on compliance and security-related topics, with a focus on ISO 27001, PCI / DSS, HIPAA, and SOC 2 Type 2.

​​​​​​​Policy and Procedure Management :

Create and maintain comprehensive policies and procedures that reflect compliance with ISO 27001, PCI / DSS, HIPAA, and SOC 2 Type 2.

Regularly review and update policies to reflect changes in legal and regulatory environments, ensuring timely communication and implementation.

Vendor and Third-Party Compliance :

Oversee vendor management programs to ensure that third-party services meet compliance requirements.

​​​​​​​Regulatory Liaison and Reporting :

Serve as the liaison with regulatory bodies, external auditors, and certification agencies for ISO 27001, PCI / DSS, HIPAA, and SOC 2 Type 2 compliance.

Prepare and submit regular compliance reports to senior leadership and regulatory authorities.

​​​​​​​Incident Management and Investigations :

Investigate and respond to compliance violations or data security incidents.

Coordinate with internal teams and external regulators to resolve incidents and implement corrective actions.

Lead post-incident reviews and ensure lessons learned are incorporated into future compliance measures.

Qualifications : Education :

​​​​​​​Experience :

Minimum of 5 years of experience in compliance management, auditing, or a related field within the technology or data center industry.

Proven experience in managing compliance with ISO 27001, PCI / DSS, HIPAA, and SOC 2 Type 2 standards is required.

Experience in leading audits and certification processes in a highly regulated environment.

Skills :

Strong understanding of data security and privacy regulations, including HIPAA and PCI / DSS.

Excellent project management and organizational skills.

Strong analytical and problem-solving skills.

Ability to communicate effectively with technical and non-technical teams.

Familiarity with data center operations, cloud environments, and security best practices.

Personal Attributes :

Ethical and integrity-driven with a strong focus on maintaining compliance and security.

Attention to detail and ability to manage multiple projects simultaneously.

Strong leadership and decision-making skills.

Proactive, adaptable, and capable of thriving in a fast-paced environment.

Working Conditions :

Full-time position, typically Monday through Friday.

May require occasional travel for audits or certifications.

Primarily office-based with potential for remote work flexibility.

Benefits :

Applications will be accepted on an ongoing basis.

Prime is an Equal Opportunity Employer. All applicants are considered for employment without attention to race, color, age, religion, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender identity or expression, genetic information, ancestry, national origin, citizenship, protected veteran or military status, disability status, or any other classification protected by federal, state, or local laws and ordinances.

Powered by JazzHR

2Gg8xvxFFN