Compliance Analyst II, Customer Trust
Security at HashiCorp is a remote team. While prior experience working remotely isn't required, we are looking for team members who can perform well given a high level of independence and autonomy.
We are looking for a self-motivated individual fascinated by complex customer inquiries, who thrives in fast-paced environments and can seamlessly drive processes with multiple stakeholders to accomplish bold things.
In this role, you will:
- Work directly with customers and internal teams to complete customer security assessments of HashiCorp products
- Work cross-functionally to help create and maintain internal and customer facing content about HashiCorp’s security program and controls, such as pre-filled questionnaires and whitepapers
- Provide support and guidance on collateral such as external security audit reports and frequently asked questions to the internal teams
- Hold meetings with customers to answer questions about our security program and controls
- Reviewing security terms in contracts and redlining
- Track and report on trends in repeated customer asks and points of friction, and work with internal teams to help prioritize and define customer related requirements
- Proactively suggest improvements to the customer trust program
- Assist with other GRC activities as needed
- Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits)
- 2-5+ years of experience in a relevant GRC focus area
- Basic knowledge of SaaS and Cloud (AWS, GCP, and others) environments
- Experience in customer trust, technical account management, or other relevant areas
- Experience with completing customer security questionnaires
- Experience with building out and maintaining pre-filled security questionnaires such as the SIG and CAIQ
- Understanding of information security and security governance, risk and compliance frameworks, methodologies and practices
- Working knowledge of one or more compliance frameworks, standards, or control catalogs, such as SOC2, ISO 27001, and NIST 800-53
- Ability to prioritize, plan, execute, and track multiple security assessments at once following established processes and procedures.
- Strong attention to detail, comfortable to work independently as well as with teams.
- Highly responsive and have a customer first mindset
- Proficient written and verbal communication skills including the ability to communicate clearly and concisely to all levels, and explain the need for key controls to technical and non-technical individuals.
- Previous experience at a SaaS company in a similar role & size company
- Previous experience with or knowledge of HashiCorp products
- Ability to “connect the dots” across multiple data points, make connections upstream/downstream that may not be easily noticeable
- Ability to mobilize and motivate teams; set direction and approach; resolve conflict; execute with limited information and ambiguity
Colorado, California, Washington and New York City Applicants: To view base salary ranges for this role in your location and to learn more about which roles are eligible for bonus pay or commissions, please visit our Pay Transparency calculator. Information on our benefits can be found here. Intern ranges can be found here.