Cork, IRL
4 days ago
Global Security Compliance Lead
**Job Summary**

The Global Security Compliance Lead is a key role in ensuring regulatory compliance with CRA and NIS2 regulations within Business Units across NetApp. The Compliance Lead will be responsible for partnering with NetApp Business Units and the SDL team to communicate, verify, and track internal compliance to NetApp policies and standards, industry standard requirements, external certification controls, and customer expected controls. The Compliance Lead will support creating/reviewing documentation, reporting, developing compliance controls, and identifying risks in a system of record.

**Job Requirements**

• Lead and facilitate control testing discussions related to CRA and NIS2 regulations with senior leaders and communicate status to leaders.
• Work with SDL teams to ensure regulatory compliance through education, training, and control creation.
• Create, review, map, and update cybersecurity controls based on CRA, NIS2, industry standards, and customer expectations.
• Assist the Sales department in the completion of customer questionnaires related to CRA and NIS2 compliance.
• Communicate with other business units and peers to determine appropriate scope and test control statements.
• Collaborate with internal business units and the SDL team to provide evidence and/or information for internal and external audits.
• Collaborate with Global Security and/or other internal business units to collect supporting evidence.
• Identify, plan, track, and coordinate risk remediation according to internal risk frameworks.
• Communicate gaps in processes/compliance requirements with the Global Cybersecurity Assurance Team as necessary.
• Assist in reviewing customer/partner contracts for Information Security requirements related to CRA and NIS2.
• Ensure all Security policy and procedures are documented and updated according to Global Security Standards, deadlines are met, approvals obtained, guidelines followed, repository usage understood, and repository/system of record up-to-date as defined by the Global Cybersecurity Governance program.
• Lead and support industry and customer audits to ensure compliance with CRA, NIS2, and other relevant regulations.
• Prepare and present audit findings to senior management and stakeholders, providing recommendations for improvements.
• Monitor and track audit remediation efforts to ensure timely and effective resolution of identified issues.

**Education**

• Bachelor's degree in business, accounting, finance, computer science, information systems, engineering, or a related field strongly preferred; equivalent combination of education and experience may be substituted in lieu of degree.

**Minimum Qualifications**

• At least two (2) years of GRC (governance, risk, compliance) experience with methodologies, activities, tools, and enablers in a technology-related industry and five (5) – seven (7) years of experience in business process analysis, project methodology, or systems development life cycle through education or on-the-job experience, required.
• Ability to demonstrate a strong understanding of various compliance and regulatory areas (e.g., CRA, NIS2, GDPR, DFARS/NIST 800-53, ISO27001, and SOC2).
• Experience with cloud hyperscalers (i.e., Amazon, Google, Azure) and compliance requirements in the cloud.
• Excellent written and verbal communication skills.
• Strong analytical and problem-solving skills.
• The ability to work well with people from many different disciplines with varying degrees of technical experience.
• The ability to adapt to a dynamic, rapidly changing business and technical environment.

**Preferred Qualifications**

• Information security-related training or certifications such as CISSP, CISA, or CRISC.
• Project management experience.
• Experience performing information security audits or risk assessments.
• Familiarity with security audit or risk management processes.

131302

At NetApp, we embrace a hybrid working environment designed to strengthen connection, collaboration, and culture for all employees. This means that most roles will have some level of in-office and/or in-person expectations, which will be shared during the recruitment process.

**Equal Opportunity Employer:** NetApp is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all laws that prohibit employment discrimination based on age, race, color, gender, sexual orientation, gender identity, national origin, religion, disability or genetic information, pregnancy, and any protected classification.

**Why NetApp?**

In a world full of generalists, NetApp is a specialist. No one knows how to elevate the world's biggest clouds like NetApp. We are data-driven and empowered to innovate. Trust, integrity, and teamwork all combine to make a difference for our customers, partners, and communities.

We enable a healthy work-life balance. Our volunteer time off program is best in class, offering employees 40 hours of paid time per year to volunteer with their favourite organizations. We provide comprehensive medical, dental, wellness, and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts. Finally, we provide financial savings programs to help you plan for your future.

If you want to help us build knowledge and solve big problems, let's talk.