Full-Time

Senior Security Compliance Analyst

Posted on 4/15/2024

Postman

1,001-5,000 employees

API building and collaboration platform

Consulting
Enterprise Software

Senior

San Francisco, CA, USA

Category
Risk & Compliance
Cybersecurity
IT & Security
Legal & Compliance
Required Skills
Sales
Communications
Management
Requirements
  • Minimum of ten years of experience in cybersecurity governance, risk management, and compliance.
  • Relevant certifications such as CISSP, CRISC, CISA, or CISM are a plus.
  • Experience with GRC programs, including ISO 27001, HIPAA, and FedRAMP, preferably in a Cloud/SaaS environment.
  • Proficient in technical knowledge related to management information systems, audits, and internal controls.
  • Capable of identifying compliance and security gaps and formulating and implementing mitigation plans.
  • Self-motivated and organized, with a proven ability to meet deadlines.
  • Excellent interpersonal skills and the ability to build relationships across departments and cultures.
Responsibilities
  • Lead and orchestrate significant compliance projects to integrate and uphold standards such as ISO 27001/27701, HIPAA, NIST, FedRAMP, GDPR, CCPA, and SOC 2, ensuring Postman's alignment with regulatory and contractual obligations.
  • Actively contribute to the creation, administration, and continual enhancement of Postman's Information Security program, compliance frameworks, risk management practices, privacy protocols, and overall security stance, in line with the strategic direction set by senior management.
  • Foster collaboration with business leaders and technical teams to identify, evaluate, and manage security risks and controls, recommending strategies for mitigation and improvement to support Postman's growth and sales enablement.
  • Lead the coordination and execution of compliance audit processes, collaborating with external auditors and internal stakeholders to ensure comprehensive and timely adherence to audit requirements.
  • Regularly review and update Postman's policy and procedural documentation to reflect current industry best practices and compliance standards, ensuring the Security Assurance team's activities are aligned with organizational goals.
  • Produce detailed and accurate reports on compliance initiatives and activities, offering insights and updates to stakeholders and contributing to the transparency and effectiveness of the Security Assurance team's efforts.
  • Serve as a mentor and key point of escalation within the team, providing expert guidance, resolving complex issues, and promoting a culture of security awareness and compliance across the organization.
  • Leverage extensive technical knowledge and communication skills to effectively interact with engineers and technologists, providing clear guidance and recommendations on security and compliance best practices.
  • Demonstrate a process-oriented, results-driven approach to compliance engineering, employing effective problem-solving and communication skills to serve as a subject matter expert and trusted advisor within Postman.

Postman offers a widely used API platform for efficient API building and collaboration, serving millions of developers and organizations globally. Its technologies include streamlined API building and collaboration tools, catering to over 30 million developers and 500,000 organizations worldwide.

Company Stage

Series D

Total Funding

$433M

Headquarters

San Francisco, California

Founded

2014

Growth & Insights
Headcount

6 month growth

14%

1 year growth

21%

2 year growth

83%

Benefits

Accidental Death & Dismemberment Insurance.

Dental Insurance.

Disability Insurance.

Flexible Spending Account (FSA)

Health Savings Account (HSA)

Life Insurance.

Mental Health Care.

Occupational Accident Insurance.

INACTIVE