Full-Time
Senior Security Compliance Analyst
API development and collaboration platform
Senior
San Francisco, CA, USA
- Minimum of ten years of experience in cybersecurity governance, risk management, and compliance.
- Relevant certifications such as CISSP, CRISC, CISA, or CISM are a plus.
- Experience with GRC programs, including ISO 27001, HIPAA, and FedRAMP, preferably in a Cloud/SaaS environment.
- Proficient in technical knowledge related to management information systems, audits, and internal controls.
- Capable of identifying compliance and security gaps and formulating and implementing mitigation plans.
- Self-motivated and organized, with a proven ability to meet deadlines.
- Excellent interpersonal skills and the ability to build relationships across departments and cultures.
- Lead and orchestrate significant compliance projects to integrate and uphold standards such as ISO 27001/27701, HIPAA, NIST, FedRAMP, GDPR, CCPA, and SOC 2, ensuring Postman's alignment with regulatory and contractual obligations.
- Actively contribute to the creation, administration, and continual enhancement of Postman's Information Security program, compliance frameworks, risk management practices, privacy protocols, and overall security stance, in line with the strategic direction set by senior management.
- Foster collaboration with business leaders and technical teams to identify, evaluate, and manage security risks and controls, recommending strategies for mitigation and improvement to support Postman's growth and sales enablement.
- Lead the coordination and execution of compliance audit processes, collaborating with external auditors and internal stakeholders to ensure comprehensive and timely adherence to audit requirements.
- Regularly review and update Postman's policy and procedural documentation to reflect current industry best practices and compliance standards, ensuring the Security Assurance team's activities are aligned with organizational goals.
- Produce detailed and accurate reports on compliance initiatives and activities, offering insights and updates to stakeholders and contributing to the transparency and effectiveness of the Security Assurance team's efforts.
- Serve as a mentor and key point of escalation within the team, providing expert guidance, resolving complex issues, and promoting a culture of security awareness and compliance across the organization.
- Leverage extensive technical knowledge and communication skills to effectively interact with engineers and technologists, providing clear guidance and recommendations on security and compliance best practices.
- Demonstrate a process-oriented, results-driven approach to compliance engineering, employing effective problem-solving and communication skills to serve as a subject matter expert and trusted advisor within Postman.
Postman, recognized for its comprehensive API platform, cultivates a collaborative environment ideal for developers focused on building and enhancing APIs efficiently. Serving millions globally, the company provides robust tools for over 30 million developers and 500,000 organizations, fostering a space where tech professionals can grow and excel. This focus on continual improvement and substantial industry presence makes it a premier workplace for those interested in advanced technology and teamwork.
Company Stage
Series D
Total Funding
$433M
Headquarters
San Francisco, California
Founded
2014
6 month growth
↑ 8%
1 year growth
↑ 22%
2 year growth
↑ 98%
Benefits
Accidental Death & Dismemberment Insurance.
Dental Insurance.
Disability Insurance.
Flexible Spending Account (FSA)
Health Savings Account (HSA)
Life Insurance.
Mental Health Care.
Occupational Accident Insurance.