About the role
- You will work across the entire company to maintain compliance with our programs and conduct internal audits.
- You will manage our compliance calendar, including recurring events such as our SOC-2 audit and penetration tests.
- You will answer customer questionnaires about our security and compliance programs.
- You will collaborate with legal and engineering leadership to review and approve changes to customer contracts that may impact our security or engineering process and infrastructure.
- You will collaborate across various company teams and departments to complete risk assessments and report the progress of risk management programs.
- You will develop and deliver customized security training across the company.
- You will coordinate the execution of our SOC-2 controls and gather evidence for audits.
- You will continually improve our security posture and processes, including our velocity and consistency, by implementing automation and new tooling.
- On a typical day, you may answer a customer’s security questions, submit evidence to our SOC-2 auditor, work with legal to review operational requirements and customer contracts, implement process automation and improvements, report on security metrics, or process customer data-deletion requests.
- You can comfortably work 9-5 Eastern Time. While we are a 100% remote-first company and you can connect from anywhere, we require 8 hours of overlap to collaborate effectively with the rest of our team members who work these hours.
- You have some previous experience working with compliance and certification standards (SOC, ISO, PCI, GDPR, HIPAA, etc.)
- You have a basic working knowledge of web application security, such as OWASP.
- You are diligent and persistent and not afraid to follow up with others to get the job done on time.
- You are excited to join a company with a commitment to security, on a small team with lots of opportunities to implement your vision.
- You have a growth mindset and are excited to learn and show how to improve team standards, practices, and tools.
- You are energized by working in a highly collaborative environment at a customer-driven startup.
- You possess excellent written communication skills and naturally lead with context, explaining the why of your initiatives and proposals.
- Bonus if you are comfortable with Linux and basic scripting. If not, we can teach you.
- You believe remote teams are the future of work or are at least excited about the idea.
100% remote – We don’t have an office so all of our employees learn and collaborate in the same way using remote work practices. This won’t change post-COVID as we are committed to being 100% remote for the long-term. We work in Slack, Zoom, and a collection of modern collaboration tools. We have inclusive remote events and, after COVID times, will get together twice a year for a fun off-site retreat.
Well-being – You’ll have solid health, dental, and vision plans, access to a 401k, and generous maternity and paternity leave.
Fair pay – Each role has a defined salary band. Bands and salaries are audited on a regular basis to help maintain fairness and market value.
Home office and tech budget – Besides paying for your work computer (Mac or PC), we offer a one-time $1000 home office stipend and an additional $500 annual budget for extra work-related technology.
Coworking space, on us – Home office not cutting it? We’ll reimburse your monthly coworking fees.
Equity – We want everyone invested in our success. We grant every employee equity in the company.
Transparency and collaboration – We foster team alignment with meetings of all shapes and sizes: a monthly all-hands meeting called FirstThurs, weekly team lunches, and Lunch & Learns. We also offer an annual learning stipend.
Unlimited vacation – We believe time away to reflect and explore makes us all more productive, so we expect each employee to take a minimum of ten days of vacation per year. Employees based in the USA also take off all US federal holidays. Employees residing in other countries can choose to follow their local national holidays or US federal holidays.