View Offer
Work > Jobs > Engineering > Work from home > View Offer 

Governance Risk and Compliance Engineer

Company not shown
Work from home  Work from home
Engineering, English

Job Description:


(COMPANY NAME)'s WebOps Platform powers the open web, running sites in the cloud for customers including Stitch Fix, Okta, Home Depot, Pernod Ricard and The Barack Obama Foundation. Every day, thousands of developers and marketers create, iterate, and scale websites on the open web to reach billions of people globally. (COMPANY NAME)'s SaaS model puts large and small web and digital teams in control of increasing the performance of their teams, websites, and marketing programs. (COMPANY NAME) cloud native software includes governance, security and collaboration tools that make it easy to securely manage a single website or thousands of websites across multiple teams in one platform. The built-in ability to simultaneously create, test, deploy and run live sites with unrivaled hosting speed, scalability and uptime give marketing teams the agility to win in the dynamic world of digital marketing.

With 35% of the web running open-source and significant investments in a $200 billion total addressable market, we are growing aggressively into a huge market opportunity and looking to expand our organization.

The Role

As the Governance Risk and Compliance Engineer, you will build, manage, and mature (COMPANY NAME)'s Information Security program through establishing guidance and security controls in addition to helping to manage security risk to an acceptable level. In addition, you will assist with our annual SOC2 assessment and other frameworks that (COMPANY NAME) maintains or choses to maintain on an on-going basis.

(COMPANY NAME)'s core company values are Trust, Teamwork, Passion, and Customers First. At (COMPANY NAME), we work hard and play harder, valuing individuality, humor, and balance. We're enthusiastic participants in several open-source communities and have real relationships with many of our most active customers. If all of this sounds interesting to you, read on!

Cool Stuff You'll Do

* Provide program management for (COMPANY NAME)'s Information Security program in alignment with ISO xxxx1.

* Develop and maintain (COMPANY NAME)'s Information Security documentation including the Information Security Policy, standards, and guidelines.

* Maintain security control frameworks (COMPANY NAME) ascribes to such as ISO xxxx2 and SOC2

* Assess and build automation workloads supporting compliance initiatives, including, but not limited to, evidence collection, reporting, and exchange with auditors

* Identify, track, and communicate security risks to the business and ensuring proper risk treatment based upon (COMPANY NAME)'s Risk Management requirements

* Assist the Sales team with due diligence requests from customers and prospects

* Support privacy initiatives (e.g. GDPR, CCPA, etc.) with legal as needed

* Perform due diligence on (COMPANY NAME)'s vendors and partners to ensure they meant (COMPANY NAME)'s security requirements

What You'll Bring to the Table

* Experience developing and writing Information Security documentation, including policies, standards, guidelines, and requirements.

* Experience performing risk assessments in technical environments

* Experience coordinating a SOC2 Type 2 engagement

* Experience with ISO xxxx1 certification is a plus

* Well develop interpersonal skills that drive engagement with all levels of the business

* Mature communication skills in both written and oral form.

* You take pride in what you can do as part of a team.

What We Offer

We have all the usual perks and benefits but what we can really offer you is a fantastic work environment powered by an amazing team.

* Industry competitive compensation and stock option plan

* Unlimited time off and sick days

* Full medical coverage (medical, dental, vision)

* Top-of-line equipment

* Fun at WordPress and Drupal community events

* Extra benefits like a stipend for reading books and your work-outs and a whole suite of paid apps for mental as well as physical health and wellbeing

* Events and activities both team-based and company wide that inspire, educate and cultivate

To review the Employee and Applicant's Privacy Policy, click here.

(COMPANY NAME) is an equal opportunity/affirmative action employer and we welcome applications from all backgrounds regardless of race, color, religion, sex, national origin, ancestry, age, marital status, sexual orientation, gender identity, veteran status, disability, or any other classification protected by law

Source: Company website
Posted on: 23 Sep 2022
Languages: English
111.236 jobs and internships
in 137 countries
Saved jobs () Applied () Logout