Governance Risk and Compliance Specialist at Red Canary
Who You Are
- expertly identifies, articulates, and designs mitigating strategies around risks.
- can seamlessly context-shift between various compliance and regulatory frameworks, with solid experience with SOC 2 and ISO 27001, specifically.
- speaks the language of auditors, but can articulate modern technological paradigms (e.g., infrastructure-as-code, CI/CD).
- has outstanding written and verbal communication skills.
- understands the balance between policy and culture; someone who can ensure safety without impeding the creative whirlwind.
- understands the unique risks presented by cloud-native architecture, and compliance and audit strategies for environments heavily reliant on SaaS.
- has experience, or interest, in applying automation to the collection and presentation of compliance data.
What You'll Do
- Contribute to all internal governance, risk and compliance activities.
- Work with business unit leads to improve guardrails to make compliance transparent, simple, and easy.
- Ensure that policies and controls are effective, while aligning them to company culture and all applicable compliance requirements.
- Schedule, prepare for, and lead annual SOC 2 Type II and ISO 27001 audit activities.
- Respond to customer, partner or vendor questionnaires in support of the sales team and contractual obligations.
- Deliver security awareness training that is both relevant and instructive.
- Automate the collection and presentation of auditing data for internal and external consumption.
Additional benefits of working at Red Canary include:
- Exceptional healthcare and dental coverage, including fully paid premiums.
- Flexible PTO and leave time.
- 401k and flex-spending accounts.
- Fitness, phone, internet, and discretionary stipends.