IT Security & Compliance Manager

Tesla is looking for an IT Security and Compliance Manager to join our Global Risk and Compliance team. You will help run the risk and compliance efforts to design, evaluating, implementing, and improving Tesla's IT Security Controls. You will join the IT Compliance team as part of the CIO's organization and manage activities across the global organization. The role will act as a liaison between the audit function and IT Security Teams across Tesla - you will work with SMEs across the organization to mature/design security controls & mitigate risk and become a deep technical resource.


Responsibilities

• SOC 2 Energy Compliance: Develop and execute the annual SOC 2 energy plan, coordinating with both internal teams and external auditors. Serve as the primary point of contact for all SOC audit-related matters. Prepare and review SOC audit documentation, ensuring its accuracy and completeness. Track and manage remediation efforts for any identified audit findings
• Vehicle Cybersecurity Compliance: Maintain meticulous compliance with vehicle cybersecurity regulations (UNECE 155/156, ISO 21434). Serve as the primary liaison with external cybersecurity auditors and regulators. Guarantee the application of appropriate technical audit methodologies and scope
• IT Policy Governance: Ensure compliance with data security policies and all relevant legal and regulatory requirements. Maintain and evolve IT Security Policies across the organization
• Monitoring & Reporting: Develop and conduct in-depth analysis of reports and alerts to identify potential gaps and propose actionable changes. Continuously monitor and actively contribute to the improvement of the organization's security, risk, and compliance posture
• Risk Management: Foster strong partnerships and coordinate with security teams, external auditors, management, and other testing groups to proactively address and mitigate risks
• Monitoring & Reporting: Develop and conduct in-depth analysis of reports and alerts to identify potential gaps and propose actionable changes. Continuously monitor and actively contribute to the improvement of the organization's security, risk, and compliance posture
• Continuous Improvement Continuously evaluate and proactively recommend enhancements to existing programs, practices, and technologies. Identify areas for improvement, develop actionable plans, and execute to implement changes in a timely and efficient manner. Ensure that all necessary changes and improvement actions are implemented as required

Requirements

• 5-8 years of professional Cybersecurity, IT Risk and Compliance, and audit experience
• Experience in technical audit methodology (to be able to handle external auditors and regulators) is a must
• Experience implementing security frameworks, such as SOC 2, ISO 27001, UNCE R155/R156, ISO 21434
• Strong technical knowledge in SDLC and software/firmware change management
• You have experience leading and mitigating risk in projects throughout an organization
• Understanding IT General Controls, Security Incident Handling, Data Classification and Handling, Data Privacy
• You have relevant knowledge and experience testing design and operation of IT General Controls for user access, change management, system integrations, and system development activities
• Fundamental understanding of including vehicle software, OTA updates, fleet management TCP/IP protocols, networking, network topology, operating systems, including Windows and Linux
• CISA, CISSP, CRISC, CISM, or other professional certifications/associations is a plus
• Big 4 Accounting Firm experience specializing in IT Risk & Compliance is preferred

Compensation and Benefits
Benefits

Along with competitive pay, as a full-time Tesla employee, you are eligible for the following benefits at day 1 of hire:

• Aetna PPO and HSA plans > 2 medical plan options with $0 payroll deduction
• Family-building, fertility, adoption and surrogacy benefits
• Dental (including orthodontic coverage) and vision plans, both have options with a $0 paycheck contribution
• Company Paid (Health Savings Account) HSA Contribution when enrolled in the High Deductible Aetna medical plan with HSA
• Healthcare and Dependent Care Flexible Spending Accounts (FSA)
• LGBTQ+ care concierge services
• 401(k) with employer match, Employee Stock Purchase Plans, and other financial benefits
• Company paid Basic Life, AD&D, short-term and long-term disability insurance
• Employee Assistance Program
• Sick and Vacation time (Flex time for salary positions), and Paid Holidays
• Back-up childcare and parenting support resources
• Voluntary benefits to include: critical illness, hospital indemnity, accident insurance, theft & legal services, and pet insurance
• Weight Loss and Tobacco Cessation Programs
• Tesla Babies program
• Commuter benefits
• Employee discounts and perks program


Expected Compensation

$88,000 - $294,000/annual salary, depending on level + cash and stock awards + benefits

Pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. The total compensation package for this position may also include other elements dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment.