What You Will Do

Contribute to the expansion of Adobe's Common Control Framework adoption throughout the organization, while actively refining and improving the framework to meet evolving needs and industry standards.
Perform information security assessments covering domains such as user access management, network security, OS & application security, encryption, backup management, disaster recovery, physical security, and training & awareness.
Drive technology compliance activities across Adobe under the supervision and guidance of the TechGRC manager.
Coordinate with internal organizations at multiple levels to ensure security compliance and risk posture are maintained.
Liaise with external auditors and customers to provide assurance regarding Adobe's security compliance program.
Identify internal control issues, ensure they are well-defined, and determine root causes.
Assist in implementing and managing compliance programs, ensuring adherence to relevant standards and frameworks (e.g., SOC2, ISO, evolving regional compliances).
Document audit procedures performed, ensuring audit methodology is consistently followed and conclusions are appropriately reached.
Build and maintain compliance dashboards to provide a holistic view of the organization's compliance posture.
Collaborate and coordinate activities with the TechGRC team based across multiple geo-locations.

What You Need to Succeed

Bachelor's or Master's degree with a focus in Information Technology, Information Systems, Computer Science, or a related field.
Minimum of 3-6 years of experience in the field of security, GRC, or a related field.
Hands-on experience with AWS & Azure environments.
Knowledge of compliance frameworks (e.g., SOC2, ISO, NIST, PCI, HIPAA).
Familiarity with core IT processes/services such as SDLC, identity/user access management, backup, and disaster recovery processes.
Good knowledge related to Container/ Kubernetes security.
Ability to quickly change priorities and handle simultaneous tasks with strong analytical and problem-solving skills.
Excellent communication and social skills to convey security compliance needs to both business and IT technical staff.
Strong interpersonal, verbal, and written communication skills. The candidate must be a team player and possess strong organizational and planning skills.
Ability to communicate effectively with both business and IT technical staff, including IT and business management.
Ability to anticipate questions, independently assess risk, and think critically and creatively.
Ability to work collaboratively in a fast-paced environment.