Program Manager - Governance, Risk & Compliance at CalReply

Marketing and Advertising, Product Management, Full-time, Sydney, New South Wales, Australia
Posted a month ago

Who we are

Rokt is expanding rapidly and globally – operating in 16 markets worldwide, with its headquarters in NYC, and a major R&D hub in Sydney. As the global leader in ecommerce technology, Rokt powers the Transaction Moment™ of best-in-class companies including Live Nation, Groupon, Staples, Lands' End, Fanatics, GoDaddy, Vistaprint, and HelloFresh. Our mission: To make ecommerce smarter, faster, and better.

With annual revenues of more than US$200M and a vibrant company culture, Rokt has been listed in ‘Great Places to Work’ in the US and Australia. Our award-winning culture is guided by our five core values: Smart with Humility, Own the Outcomes, Force for Good, Conquer New Frontiers, and Enjoy the Ride. These values help us attract, engage, and develop the right talent around the globe and ensure we have the right conditions to do our best work.

Keen to join a fast-growing company and a vibrant culture? Learn more at


About the Role

We are looking for an information security aficionado experienced in supporting and continuously improving a governance, risk and compliance program. Rokt’s information security management system is ISO 27001 and SOC 2 certified; it protects personal customer data, entrusted to us by our clients who are leading global e-commerce brands with a combined 100 million transactions each month.

You will be embedded into a team of technical specialists and leverage their expertise to implement required controls and measure their effectiveness. It is your mission to work closely with product, engineering, legal and other business units to regularly audit compliance across the business.

Security is a business enabler and you are passionate about designing and implementing frictionless processes to support Rokt’s security program. Moving fast is your preferred modus operandi and you embrace significant improvements over small iterations.

Customer obsession is in your DNA when it comes to client requests and providing information about Rokt’s security posture.


  • Drive continuous improvement of our program by challenging the status quo, innovating and introducing best practices.
  • Develop, automate and maintain meaningful performance metrics to measure control effectiveness and inform strategic decisions.
  • Implement and run an internal auditing program that covers all applicable control areas.
  • Lead preparation for external certification audits and control evidence collection.
  • Contribute to regular risk assessments and manage our risk treatment plan.
  • Run and mature Rokt’s third-party risk management program.
  • Produce and maintain quality process and standard operating procedure documentation.
  • Respond to client security questionnaires to support client onboarding.
  • Own Rokt’s information security calendar events such as regular penetration tests, auditing activities, reviews, etc.
  • Promote a security awareness culture by keeping our training materials up to date and running occasional sessions on selected topics.


  • 2+ years of relevant experience in supporting Governance, Risk & Compliance programs
  • Passion for information security as a business enabler in a fast-paced environment
  • Sound knowledge of security frameworks like ISO 27000 family, SOC 2, PCI-DSS, CIS, NIST, etc.
  • Internal auditing capabilities against ISO 27001 and SOC 2 are desirable
  • Demonstrated ability to break down complex compliance requirements, and design and implement scalable processes that won’t slow down the business
  • Experience in compliance metrics reporting with attention to detail and focus on outcomes
  • Natural affinity for documentation creation and maintenance
  • Strong verbal and written communication skills with experience in senior stakeholder management


  • Work with the greatest talent in town. Our recruiting process is tough. We hold a high bar because we have a high-performing, high-velocity culture - we only want the brightest and the best.
  • Join a community. We believe the best things happen when we come together to solve complex problems and make meaningful connections with each other through interest groups, sports clubs, and social events.
  • Accelerate your career. Develop through our global training events, ‘Level Up’ investment, online training courses, and our fantastic people leaders. Take your career to Rokt’speed - Grow your career in our rapidly growing company.
  • Take a break. When you work hard, we know you also need to rest. We offer generous time off and parental leave policies, as well as mental health and wellness days for all employees. We also believe taking time off in sync with one another is important. As such, we shut down our offices every year in late December/early January for two weeks, partially sponsored by the company. We also offer a paid Rokt’star Sabbatical for employees who have been with us 3 years or more.
  • Stay happy and healthy. Enjoy catered lunch 3 times a week and healthy snacks in the office. Plus join the gym on us! Rokt offers a monthly allowance to use on a gym membership or online fitness classes. We also provide all Rokt'stars access to free 1:1 coaching, therapy and digital mental wellness resources.
  • Become a shareholder. All Rokt’stars have stock options. If we succeed, everyone enjoys the upside.
  • See the world! Along with our global all-staff events in amazing locations (Phuket, Thailand in January 2020), we also offer generous relocation packages for those interested in moving to another Rokt office. We have cool offices in great cities - Tokyo, New York, Singapore, Sydney.
  • We believe in equality. Rokt is an Equal Opportunity Employer and recognizes that a diverse workforce is crucial to our success as a business. We would love you to apply for one of our open roles - irrespective of socio-economic status or background, age, gender identity, race, religion, sexual orientation, color, pregnancy, carer/family responsibilities, national and social origin, political opinion, marital, veteran, or disability status.