We are a top-tier VC-funded company, headquartered in Silicon Valley and currently in stealth mode. The company is being built by proven serial entrepreneurs and executives who have successfully built and scaled high-growth global companies before.
If you aspire to work on cutting-edge technologies and frameworks, side by side with some of the smartest technologists, this may be a unique place for you. Dare to be part of the excitement?
- This role requires a strong understanding of various standards such as SOC2, NIST, FedRAMP, along with an understanding of the Security, Availability, Confidentiality, Processing Integrity, and Privacy Trust Service Principles.
- The job functions include, but are not limited to, the following:
  - leading internal information security initiatives,
  - executing security and privacy assessments of third-party vendors,
  - leading information security compliance efforts covering a variety of security frameworks such as SOC2 and FedRAMP, and
  - supporting sales teams in the security due-diligence efforts of our customers and prospects, including audit requests and meetings with customers.
- You will be responsible for supporting the security, governance, risk, and compliance initiatives and for performing the key ongoing activities needed to attain and maintain attestations such as SOC2 and FedRAMP for a suite of SaaS products.
- You will be the key person in influencing and motivating stakeholders across the organization to establish the needed reporting frameworks and compliance.
- You will provide direction in control mapping, control gap identification, gap remediation and mitigation.
- You will guide engineering teams by reviewing and providing guidance in the development and maintenance of scoping documentation including system understanding, process flows, and system infrastructure diagrams.
- You will keep senior management informed, in a timely manner, of key program updates, milestones, and barriers to program implementation.
- You will support the sales teams by articulating our security and compliance posture to customers and prospects including audit requests and meetings with customers.
- Bachelor's or Master's degree in a related field or equivalent work experience.
- Eight to ten years of experience.
- Experience with SOC2 and FedRAMP reporting engagements, and Security, Availability, Confidentiality, Privacy, and Processing Integrity Trust Service Principles.
- Ability to effectively communicate and influence senior leadership across various departments within the organization.
- Excellent verbal and written communication and presentation skills.
- Information technology risk management experience and proven ability to meet deadlines.
- Understanding of information risk management concepts.
- Experience leading team members, directing staff priorities and completing reviews to ensure quality work products.
- Ability to adapt in a dynamic work environment, learn quickly, solve problems and make decisions with minimal supervision.
- Experience in the SaaS product technology industry.
- Experience with AWS and/or other major public cloud environments.
- SecDevOps experience (desirable).
- Experience with security tools and penetration testing.
- Experience with NIST and FISMA federal security standards.
- CIA, CISA, CISSP or other security related certifications are desirable.