Policy Team SME

About the Company

SkySync is a rapidly evolving, fast-paced, venture-backed software innovator based in the Ann Arbor tech cluster with remote Syncopaths in all US timezones. Our energetic and unique workforce excels at managing our customer’s content migration, synchronization, and orchestration challenges like no other in our space.

We are poised for rapid growth with our data governance application and are therefore seeking a Policy Team Subject Matter Expert (SME). The Policy Team SME will research and document regulatory requirements for our development team. The ideal candidate will understand how to research and document regulatory polices made by companies and governments, both in the US and abroad.  For example, our product needs to detect French passport numbers in documents so customers can comply with privacy and security regulations related to GDPR. Defining and updating such parameters is the essence of this position.

This is a fully remote position. You will need an ability to research and understand information security best practices, work independently, and proactively communicate updates to our engineering team and customers.

Duties and Responsibilities

The Policy SME will work closely with product managers, UX team and Engineering to document, develop, and verify SkySync data governance routines. While the SME does not need to be a software engineer, you will need to run our software and test against sample documents and data sets to verify findings.

The Policy SME will have the following responsibilities:

  • Gather and document industry regulations, including CCPA, GDPR, HIPPA/HIPPA Hi-tech, FinServ/PCI as well as NIST, SOC and ISO data privacy requirements for PII.
  • Identify regulatory changes that will affect information security policy, standards and procedures, recommending appropriate software changes to match.
  • Interface with Product Management and other stakeholders to understand scope and priority, working to understand business systems and industry requirements.
  • Translate business requirements around regulations and information governance policy into functional and non-functional requirements in clearly documented specifications that are actionable by development and testing groups.
  • Assists with responding to customer security questionnaires.

Essential Skills/Qualifications

  • Ability to read through regulations, interpreting and distilling them so they can be converted into matching SkySync software routines for data detection.
  • Knowledge of at least one important regulatory rule set: HIPPA, CCPA, GDPR or FinServ.
  • An ability to work independently across several tasks and pay attention to sources of information from inside and outside one’s network within an organization
  • Solid verbal and written communication skills.
  • Basic familiarity with enterprise software systems
  • Must be proficient with MSFT Office applications.

Desired qualifications

  • Privacy Industry certifications such as ISACA, CISP or similar IT risk management certification. Or, willingness to achieve certification while working for our company.
  • Experience coordinating projects and working in regulatory compliance.
  • Familiarity with an Agile-Lean (Scrum) development environment.

This position is a great fit for you if you are detail-oriented and can make complex regulations seem simpler and more straightforward.  You are technical enough to work with enterprise software but have business savvy and understand how companies handle regulatory compliance.