Sr. Director
Governance, Risk & Compliance, GRC
Confirmed live in the last 24 hours
Locations
Remote • United States
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Development Operations (DevOps)
Leadership
Management
Requirements
  • 12+ years of security experience in relevant security domains (e.g. compliance, audit, security risk management), with 5+ years of management experience
  • Prior experience working in a security and compliance group at a technology or SaaS / Cloud company and / or as an auditor at a Big4 firm
  • Experience in multiple security domains including technology compliance, privacy operations, public sector, etc.
  • Experience managing external audits and consultants
  • Strong technical knowledge of modern cloud security challenges and controls
  • Ability to prioritize and track multiple projects in parallel
  • Significant experience recruiting and building out high-performing security teams
  • Experience presenting and communicating to Executive Management
  • Highly responsive, with a customer-first mindset
  • Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits)
  • Previous experience at a technology or SaaS company in a similar role
  • Automation and GRC tech implementation experience
  • Experience implementing and scaling security programs in a startup environment
  • Knowledge of security and compliance challenges in open source and DevOps
Responsibilities
  • Manage and grow a security compliance organization in line with org and business needs
  • Experienced people manager with experience in scaling and structuring delivery support in a matrixed organization
  • Mature policy and control frameworks supporting various standards including commercial (e.g. SOC2, ISO27001, PCI, HIPAA) and public sector (FISMA, FedRAMP) attestations
  • Implement strategy to adhere to technology regulatory requirements, global privacy and data protection laws
  • Execute control testing, risk assessments and internal audits
  • Drive remediation of control deficiencies and reporting of risk
  • Provide compliance advisory services to the business including product management
  • Scale our Vendor Security Risk Program
  • Assist with other security aspects as needed including Vendor security assessments, customer audit needs, security training and awareness
  • Assist CSO & other leadership to develop strategic plans and long-term roadmaps
  • Develop security KPIs/metrics to track compliance program maturity and performance
  • Education and training of process / control owners
  • Evaluate new and evolving security and privacy requirements
  • Mentor and manage multiple teams in risk management, privacy, compliance, vendor risk management
HashiCorp

1,001-5,000 employees

Infrastructure solutions for cloud environments
Company Overview
HashiCorp's mission is to build solutions that enable innovation at global enterprises, offering them a common cloud operating model via consistent workflows to provision, secure, connect, and run their infrastructure with any application.
Benefits
  • Medical, dental & vision
  • Life & disability insurance
  • Flexible spending account (FSA)
  • Vacation and Other Leaves
  • 401(k)
  • Family Expansion Benefit
  • Maternity and Parental Leave
  • Expanded Mental Health Support
Company Values
  • Integrity
  • Kindness
  • Pragmatism
  • Humility
  • Vision
  • Execution
  • Communication
  • Beauty Works Better
  • Reflection