Security Compliance Lead

Transparent

San Francisco, CA, US
  • Job Type: Full-Time
  • Function: Legal
  • Industry: Technology
  • Post Date: 07/21/2021
  • Website: seetransparent.com/en
  • Company Address: Madrid, Spain

About Transparent

Transparent is the global leader in providing data intelligence for the vacation rental industry.

Job Description

About The Role:

In this role, you will protect Notion's product and customer data by building sustainable risk and compliance processes that balance productivity and security. This is a unique opportunity to build and lead a team of cybersecurity risk and compliance professionals in their day-to-day work and to assist them in career development and growth. In coordination with leadership, you will help define risk and compliance strategy.

This role will be based in our San Francisco office. However, under current circumstances, remote work is being accommodated in order to comply with safety measures.

What You'll Achieve:

  • You will be a senior individual contributor to start but will have the opportunity to build and manage a diverse and inclusive team over time to protect core parts of Notion's product and our customers' data
  • You'll collaborate closely with peers from other functions — Product, Legal, IT, Marketing, Sales, and Support, to name a few, to stay aligned on product direction, compliance requirements, and on ongoing operations
  • Lead risk and compliance activities that support future business growth, such as SOC2, HIPAA, and ISO 27001.
  • Oversee and maintain compliance documentation, including audit evidence, controls, and vendor security reviews
  • Research and provide guidance on risk and compliance requirements
  • Establish and deliver meaningful and actionable compliance metrics and reporting
  • Grow the team and align project assignments with career development goals and company vision
  • Inspire and promote creativity and innovation while managing missteps and mistakes as opportunities to grow and learn

Skills and Toolset You'll Need to Bring:

  • Minimum of a BA or BS degree and 5+ years experience managing compliance programs of 2-5 people
  • You are motivated by solving challenging problems with simple, efficient solutions and feel great satisfaction from helping others. Your dedication and high standards translate to impressive results and attract like-minded people.
  • You create team environments that are at once collaborative, empowering, supportive, and challenging—ones where staff do their best work.
  • Culture matters to you. You get excited about a cohesive, energetic, and fun work environment. An environment that fosters creativity, transparency, vision, growth, and individuality. You have the drive and spark to thrive in a dynamic environment.
  • You value empathetic and direct communication, particularly when giving and receiving feedback
  • Support a collaborative, performance-driven culture that builds bridges with other functional groups across the enterprise and maintains positive working relationships
  • You are a master of multitasking, triaging, and prioritizing
  • Solid experience managing compliance initiatives for cloud platforms and interacting with external auditors
  • Ability to identify and recommend tools, processes, and software to automate and continuously improve compliance practices
  • Good understanding of security-related industry standards and frameworks, such as ISO 27001/2, SOC2, HIPAA, etc.
  • Experience leading 3rd party risk management programs, including responding to customer security questionnaires, interacting directly with customer sales and security teams, and reviewing vendor security
  • Working knowledge of major security disciplines including defensive, offensive, architecture, engineering & software development
  • Superior communication and interpersonal skills

Nice-To-Haves:

  • You have managed risk and compliance teams at startups before, particularly during periods of rapid growth and organizational change
  • You have experience implementing compliance frameworks where they didn't exist before
  • Managing a security awareness program
  • Managing hybrid teams comprised of internal resources and MSSP
  • Industry certifications (CISA, CISSP) a plus

Our customers come from all walks of life and so do we. We hire great people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger. If you share our values and our enthusiasm for small businesses, you will find a home at Notion.

Notion is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex (including pregnancy, childbirth, or related medical conditions), marital status, ancestry, physical or mental disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. Notion considers qualified applicants with criminal histories, consistent with applicable federal, state and local law. Notion is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation made due to a disability, please let your recruiter know.
