Technology Compliance Product Owner

Our Company

Changing the world through digital experiences is what Adobe’s all about. We give everyone—from emerging artists to global brands—everything they need to design and deliver exceptional digital experiences! We’re passionate about empowering people to create beautiful and powerful images, videos, and apps, and transform how companies interact with customers across every screen.

We’re on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours!

Summary

This is a Technology Compliance Product Owner role for Adobe’s Technology GRC (TechGRC) group. The role is for Adobe’s New York (NY), Lehi (UT), San Jose (CA) or Seattle (WA) location. This person will be a member of TechGRC Security Compliance team. The candidate will be responsible for the continuous auditing and monitoring requirements supporting the compliance function.

What You Will Do

• Work under the supervision and guidance of the TechGRC manager and drive technology compliance activities across Adobe.
• Perform Information Security related assessments to cover domains like User Access management, Network, OS & Application Security, Encryption, Backup Management, Disaster Recovery, Physical Security, Training & Awareness etc.
• Draft compliance reports to summarize the compliance objectives, key findings, and work with teams to remediate key findings.
• Enable the liaising with external auditors and customers to help them gain comfort with regard to Adobe’s security compliance program.
• Identify internal controls issues, ensure they are well-defined and root causes are identified.
• Contribute to the expansion of Adobe’s Common Control Framework adoption throughout the organization, while actively refining and improving the framework to meet evolving needs and industry standards.
• Document audit procedures performed ensuring audit methodology is consistently followed and conclusions are appropriately reached.
• Partner with GRC Engineering to develop integrations, dashboards, and reports that deliver real-time visibility into risk, compliance, and control posture.
• Create dashboards, KPIs, and reporting frameworks that equip executives with actionable insights for informed decision-making.

What You Need to Succeed!

• Bachelors / master’s Degree with a focus in Information Technology / Computer Science or related field.
• Minimum 3-5 years of experience in related field.
• Hands-on experience with AWS & Azure environments.
• Strong knowledge and hands-on experience with security compliance frameworks (e.g. SOC2, BSI C5, Spain ENS, CyberEssentials+, PCI DSS etc.).
• Expertise with AI compliance frameworks (ISO 42001, NIST AI RMF, CSA AICM etc.).
• Knowledge of Core IT processes / services such as SDLC, Identity/User Access management, Backup and DR processes will be useful.
• Good interpersonal, verbal and written communication skills. It is essential that the candidate is a team-player and possesses strong organizational and planning skills.
• Ability to communicate with both business and IT technical staff including IT and Business management.
• Ability to look ahead, anticipate questions, independently assess risk, and think critically and creatively.

Key skills/competency

• Technology Compliance
• GRC (Governance, Risk, Compliance)
• Information Security Assessments
• Audit & Remediation
• Common Control Framework
• AWS & Azure Security
• SOC2 Compliance
• AI Compliance Frameworks
• Risk Reporting & KPIs
• Stakeholder Communication