What you’ll do
- Formulate and drive GRC roadmap, security policies, vendor security reviews and security training
- Initiate, own and lead new security & compliance programs and audits GDPR, SOC2, HIPAA and ISO 27001
- Establish and continuously improve standards, processes, tooling and procedures for audit and compliance management
- Collaborate and work cross-functionally across the company to deliver successful security compliance programs, partnering with Engineering, Product, GTM, Legal and HR teams
- Oversee IT operations, internal systems, and access controls in alignment with security best practices
- Work with external auditors to achieve security compliance certifications and reports
- Regularly report on status, operational metrics and KPI’s, providing transparency to company Leadership and internal stakeholder teams
About you
Required:
- Extensive experience in security compliance, successfully leading compliance projects, risk assessments and audits
- FedRAMP (NIST 800-53), GDPR, SOC2, HIPAA and ISO 27001 auditing and implementation experience
- Experience working with Engineering teams within the modern cloud / SaaS technology space
- Excellent written and verbal communication skills
Nice to have’s:
- Past experience at a Big Four consulting firm and/or reputable SaaS provider
- Engineering or Computer Science background
Compensation
The base salary range for this role is $250,000 to $300,000 + bonus, equity, and US Benefits.