Senior Manager of Compliance

Confirmed live in the last 24 hours

Locations

Washington, DC, USA • Remote

Experience Level

Entry

Junior

Mid

Senior

Expert

Desired Skills

Communications

Requirements

7+ years of experience in compliance, preferably with experience leading the Security/GRC function in a Cloud/SaaS environment
Demonstrated experience achieving and maintaining compliance certifications for a SaaS service (preferably, FedRAMP and SOC 2)
In-depth knowledge of FedRAMP, NIST 800-53 security controls, NIST 800-37 risk management framework, building and running the federal compliance program
Comfort leading cross-functional resolutions of risk and compliance issues
Excellent verbal and written communication skills. You can write and manage large technical documents and translate technical concepts into clear terms for non-technical audiences
Passion for workflows, processes, tools and team dynamics and how these impact a company's ability to scale
An understanding of Compliance's role in the procurement process
Familiarity with both project management and audit, risk, and compliance software
CRISC, CISM, CISA or CISSP or similar industry certifications a plus

Responsibilities

Lead, coordinate, maintain, and improve CircleCI's Compliance program
Supervise and improve the processes and controls used to maintain our SOC 2 and FedRAMP certifications
Collaborate with both auditors and business partners, articulate control implementation and impact, and describe considerations for applying security and compliance concepts in a technical cloud environment
Participate in day-to-day compliance triaging and support activities
Work cross-functionally to remediate compliance control gaps, including documenting and communicating findings with partners and team members
Keep up to date on regulatory changes that may impact CircleCI's compliance efforts
Coach and mentor current team members to build an outstanding Compliance team

CircleCI is looking for a Senior Manager of Compliance! In this role, you will own CircleCI’s technical Compliance function and work with various areas of the business to design, implement, and manage GRC initiatives which support the company’s ongoing business and security needs.

In addition to managing the overall Compliance function, you will - in conjunction with the existing team - interpret and set CircleCI’s compliance requirements, assess the effectiveness of implemented security controls, use risk-based decision-making, participate in cross-functional teamwork and communication, and stay up-to-date on standard compliance methodologies.

What You’ll Do:

Lead, coordinate, maintain, and improve CircleCI’s Compliance program
Supervise and improve the processes and controls used to maintain our SOC 2 and FedRAMP certifications
Collaborate with both auditors and business partners, articulate control implementation and impact, and describe considerations for applying security and compliance concepts in a technical cloud environment
Participate in day-to-day compliance triaging and support activities
Work cross-functionally to remediate compliance control gaps, including documenting and communicating findings with partners and team members
Keep up to date on regulatory changes that may impact CircleCI’s compliance efforts
Coach and mentor current team members to build an outstanding Compliance team

What You Bring:

The ideal candidate is a diligent, technical, and experienced compliance professional with a background in leadership, implementation, regulatory control requirements, process improvement and compliance risk analysis.

7+ years of experience in compliance, preferably with experience leading the Security/GRC function in a Cloud/SaaS environment
Demonstrated experience achieving and maintaining compliance certifications for a SaaS service (preferably, FedRAMP and SOC 2)
In-depth knowledge of FedRAMP, NIST 800-53 security controls, NIST 800-37 risk management framework, building and running the federal compliance program
Comfort leading cross-functional resolutions of risk and compliance issues
Excellent verbal and written communication skills. You can write and manage large technical documents and translate technical concepts into clear terms for non-technical audiences
Passion for workflows, processes, tools and team dynamics and how these impact a company’s ability to scale
An understanding of Compliance’s role in the procurement process
Familiarity with both project management and audit, risk, and compliance software
CRISC, CISM, CISA or CISSP or similar industry certifications a plus

About CircleCI

CircleCI is the world’s largest shared continuous integration/continuous delivery (CI/CD) platform, and the hub where code moves from idea to delivery. As one of the most-used DevOps tools - processing more than 1 million builds a day - CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Spotify, Coinbase, and BuzzFeed use us to improve engineering team productivity, release better products, and get to market faster.

Founded in 2011 and headquartered in downtown San Francisco with a global, remote workforce, CircleCI is venture-backed by Base10, Greenspring Associates, Eleven Prime, IVP, Sapphire Ventures, Top Tier Capital Partners, Baseline Ventures, Threshold Ventures, Scale Venture Partners, Owl Rock Capital, Next Equity Partners, Heavybit and Harrison Metal Capital.

CircleCI is an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.

US Salary Range: "$150,000- $215,000"

201-500 employees

Website

Computer Software

Company Overview

CircleCI's mission is to manage change so software teams can innovate faster. We want to empower technology-driven organizations to do their best work – and make engineering teams more productive and innovative by managing change. The company operates a CI/CD platform for enterprises.

Benefits

Working remotely at CircleCI - Whether it’s a peaceful home or a house full of kids, roommates, or pets, your office can be where you need it. CircleCI has been a remote-first company since the beginning. We’ll ensure you stay well-connected with your teammates every day through tools like Zoom, Slack, Confluence, Google Suite, and GitHub. We also provide a home office stipend to help you do your best work.
Health and wellness - Regardless of location, we prioritize the health and wellness of our employees and their families. In addition to unlimited PTO, we offer generous parental leave and benefits that can cover employees and dependents up to 100%. We also offer quarterly wellness days, a free Calm subscription, wellness reimbursement, and Cleo for new parents.
Professional development - At CircleCI, employees have ample opportunity to learn new skills, including project-based learning and presentations from our colleagues. Udemy is available for on-demand learning and we offer an annual stipend for personal development outside of CircleCI. Your continued professional development is important to us because it’s important to you.

Company Core Values

Inclusive, empathetic, and respectful
Open and transparent
Quick and continuous
Resilient
Aligned, empowered, and accountable