SOC2Compliance Manager

LOCATION: Palo Alto, CA

We are looking for an experienced and driven Compliance Manager who is looking to put their auditing experience, technical expertise, and information security knowledge to plan, execute, and deliver on existing and strategic new compliance certifications. As our Compliance Manager, you will play a key role in building scalable and efficient processes related to corrective actions, product compliance, and the overall compliance framework. The right person will be excellent at communicating vertically and horizontally across the company and will be comfortable explaining TrustLab's compliance posture to both internal and external customers, working cross-functionally, and providing technical and creative guidance to technical teams.

WHAT YOU'LL DO

• Drive Compliance programs such as SOC2 and ISO 27000 series.
• Monitor and identify compliance issues and follow-up
• Provide compliance guidance on new product features, deviations, and changes in the infrastructure
• Support and drive both compliance and customer audits
• Drive improvements in existing processes and develop new innovative and efficient solutions
• Communicate gaps to management and coordinate cross-functional team meetings to remediate and close the control gaps
• Build relationships with internal and external stakeholders
• Accurately and effectively communicate our compliance position and programs to auditors and customers

WHO YOU ARE

• You have led a SOC2 Compliance program. Knowledge of other compliance frameworks (SOC, ISO 27001, GDPR, NIST 800-53) a strong plus
• You have worked with Vanta or a similar platform.
• Strong familiarity with AWS ecosystem and the different security solutions offered by AWS such as Security Hub and Guard Duty
• Ability to efficiently triage alerts from Vanta, Security Hub, Guard Duty etc while making efficient use of eng and devops resources
• BS degree in Business or Management Information Systems or related field OR equivalent work experience
• 6 years experience in an equivalent technology risk and compliance related role
• QSA, CISA, CIA, CISSP or other related certifications a plus
• Experience working with and implementing GRC tools and processes
• Excellent written, verbal communication and presentation skills
• Big 4 Experience, Management Consulting Experience, or Startup Experience preferred
• Willingness to wear different hats and work on areas where needed
• Amazing organizational skills with a drive to succeed in a fast-paced environment
• Ability to hustle, get stuff done, and has strong integrity

Job Type: Full-time

Benefits:

• 401(k)
• 401(k) matching
• Dental insurance
• Employee discount
• Flexible schedule
• Health insurance
• Paid time off
• Paid training
• Vision insurance

Shift:

• 8 hour shift

Weekly day range:

• Monday to Friday

Experience:

• SOC2: 3 years (Preferred)

Work Location: In person