Client's Security Risk and Compliance team is looking for a security risk and compliance junior operations associate to join our team. You will partner closely with Engineering, Sales, Security, and other cross-functional teams to support our customer trust and security compliance efforts.
You will support the Security Risk and Compliance team in our customer trust program by assisting sales teams with customer assessments and improving our internal and external documentation. In addition, you will help contribute to our internal training and awareness program by managing and tracking our ongoing security and awareness campaigns. You will interact cross-functionally with sales, solutions engineering, engineering, and with others across the business to deliver high-impact and high-value information to new and prospective customers.
This role is a work-from-home type and will follow a Pacific Standard Time (PST) shift.
2k internet allowance - reimbursable
5k medical allowance - reimbursable
Customer Trust & Sales Enablement
Provide support in delivering accurate, timely, and professional responses to customer security questionnaires and technical inquiries by managing the end-to-end response process for questions and escalating when needed.
Review and process customer access requests for security documentation.
Perform ad-hoc updates to client's security knowledge base and resources as needed.
Security and Privacy Awareness Training
Manage the lifecycle of security and privacy awareness campaigns for new hires.
Support annual security and privacy awareness campaigns.
Help to escalate overdue security training for completion.
Team Operations
Perform ad-hoc project support on security risk and compliance work as directed.
At least 3 years of experience in an information security, governance, risk, and compliance (GRC), and/or customer trust facing role for a technology company.
BA/BS in relevant field or equivalent work experience in information security
Experience reviewing and completing security and compliance questionnaires, including custom questionnaires as well as industry-standard questionnaires (e.g. SIG, CAIQ, HECVAT, VSA)
Familiarity with security and privacy compliance programs such as SOC 2, ISO 27001/17/18, CSA STAR, GDPR, FedRAMP, NIST, etc.
Familiarity with a security and privacy training program at a technology company
Ability to multitask, prioritize, and organize efficiently with minimal daily supervision
You are a detail-oriented problem solver and a forward thinker
Excellent written and verbal communication skills with the ability to convey security concepts clearly, effectively, and accurately
Ability to understand and communicate internal processes to stakeholders
Excellent interpersonal and communication skills and the ability to form relationships with internal and external teams
Strong preference for relevant Information Security Certification(s) (CISSP, CISA, CISM, CRISC, CCSK, ISC(2), ISACA, SANS GIAC, ISO Accredited Auditor)
Knowledge of third-party risk management and/or procurement processes
Familiarity with security compliance automation programs for third party due diligence such as OneTrust, ServiceNow, Venminder, Archer
Experience with enterprise SaaS applications, cloud infrastructure, modern software engineering practices and tools, databases, operating systems, secure network design, and public cloud models such as AWS
Client's Security Risk and Compliance team is looking for a security risk and compliance junior operations associate to join our team. You will partner closely with Engineering, Sales, Security, and other cross-functional teams to support our customer trust and security compliance efforts.
You will support the Security Risk and Compliance team in our customer trust program by assisting sales teams with customer assessments and improving our internal and external documentation. In addition, you will help contribute to our internal training and awareness program by managing and tracking our ongoing security and awareness campaigns. You will interact cross-functionally with sales, solutions engineering, engineering, and with others across the business to deliver high-impact and high-value information to new and prospective customers.
This role is a work-from-home type and will follow a Pacific Standard Time (PST) shift.
2k internet allowance - reimbursable
5k medical allowance - reimbursable
Customer Trust & Sales Enablement
Provide support in delivering accurate, timely, and professional responses to customer security questionnaires and technical inquiries by managing the end-to-end response process for questions and escalating when needed.
Review and process customer access requests for security documentation.
Perform ad-hoc updates to client's security knowledge base and resources as needed.
Security and Privacy Awareness Training
Manage the lifecycle of security and privacy awareness campaigns for new hires.
Support annual security and privacy awareness campaigns.
Help to escalate overdue security training for completion.
Team Operations
Perform ad-hoc project support on security risk and compliance work as directed.
At least 3 years of experience in an information security, governance, risk, and compliance (GRC), and/or customer trust facing role for a technology company.
BA/BS in relevant field or equivalent work experience in information security
Experience reviewing and completing security and compliance questionnaires, including custom questionnaires as well as industry-standard questionnaires (e.g. SIG, CAIQ, HECVAT, VSA)
Familiarity with security and privacy compliance programs such as SOC 2, ISO 27001/17/18, CSA STAR, GDPR, FedRAMP, NIST, etc.
Familiarity with a security and privacy training program at a technology company
Ability to multitask, prioritize, and organize efficiently with minimal daily supervision
You are a detail-oriented problem solver and a forward thinker
Excellent written and verbal communication skills with the ability to convey security concepts clearly, effectively, and accurately
Ability to understand and communicate internal processes to stakeholders
Excellent interpersonal and communication skills and the ability to form relationships with internal and external teams
Strong preference for relevant Information Security Certification(s) (CISSP, CISA, CISM, CRISC, CCSK, ISC(2), ISACA, SANS GIAC, ISO Accredited Auditor)
Knowledge of third-party risk management and/or procurement processes
Familiarity with security compliance automation programs for third party due diligence such as OneTrust, ServiceNow, Venminder, Archer
Experience with enterprise SaaS applications, cloud infrastructure, modern software engineering practices and tools, databases, operating systems, secure network design, and public cloud models such as AWS
