Sr. IRAP Compliance Program Manager

Job Description

Smartsheet, a leading platform for enterprise work management, is seeking a Sr. IRAP Compliance Program Manager to lead and manage its IRAP compliance program in Australia. This role involves interpreting requirements from the Australian Signals Directorate’s Information Security Manual, assessing compliance, and implementing or remediating requirements. The primary goal is to achieve and maintain IRAP compliance.

The Sr. Manager will independently interpret and apply IRAP and other control frameworks (e.g., NIST SP 800-53), ensuring that all technical controls meet security and compliance standards. This includes creating and maintaining technical standards, developing Assessment Procedures for controls, and managing the overall IRAP Assessment Package.

This role offers an exciting opportunity to lead and shape Smartsheet's security and privacy initiatives in a dynamic environment. The company is dedicated to enabling organizations to work smarter by providing innovative solutions for work management.

Role Involves:

• Interpreting and implementing IRAP and other control frameworks.
• Overseeing the implementation of compliance controls.
• Acting as the primary point of contact with external IRAP assessors.
• Developing criteria to measure program performance.
• Identifying and addressing issues in the IRAP compliance program.
• Managing program budgets and analyzing program data for improvements.
• Developing effective risk management strategies.
• Overseeing the execution of IRAP-related projects.
• Establishing clear expectations with stakeholders.

Requirements:

• Australian citizenship.
• Bachelor’s degree in IT/Technology.
• Expert-level knowledge of the Australian Signal Directorate’s Information Security Manual.
• 2+ years of experience creating IRAP authorization packages at the “Protected” Level or above.
• Knowledge and experience with IRAP assessment methodology and requirements.
• 2+ years of experience mapping and translating requirements from one control framework to another.
• Basic understanding of NIST SP 800-53.
• Basic understanding of Service Oriented Architecture and how DevOps impacts a compliance program.
• 7+ years of experience in program management, with at least 3+ years specifically in compliance program management.

Smartsheet offers:

• Opportunity to lead and shape the company's security and privacy initiatives.
• A dynamic and innovative work environment.
• A chance to contribute to a leading platform for enterprise work management.