Jobs

Security Compliance Specialist

BostonBostonMassachusettsUnited StatesNorth America

Cyber security is one of the fastest growing priorities across industries, with over half of developers expecting it to become even more important over the next 12-18 months. Here at Secure Code Warrior (SCW), we’re focused on transforming security and compliance from a check-box on the roadmap to an always-on mindset across the DevOps cycle. Our approach focuses on upskilling developers through gamification of learning and integrating with their preferred tool sets, such as GitHub and Jira. With SCW, companies are able to differentiate from their competition, and ship code faster and more securely than ever.Founded in 2015 out of Australia, we are a truly global remote-first company with employees all across the globe including Australia, America, Belgium, England, Iceland and more. Plus, an exciting list of global brands that we’re proud to include as our customers, such as JP Morgan Chase & Co, Zoom, and Atlassian. After raising Series B in 2019, from firms such as Goldman Sachs and Cisco Investments, we’re excited to be in the next phase of our growth, focusing on scaling the business to bring secure coding education and developer tools to the world!Top Employee Benefits:Global Flexible Work Schedule Unlimited Paid Time Off (really, we mean it!)Equity/Share OptionsRemote/ Optional Hybrid (Office space available in some locations)12 Weeks Gender Neutral Parental LeaveUS Employees additionally receive fully paid Health/Vision/Dental (Including Dependents)Secure Code Warrior’s vision is to empower developers to be the first line of defense in their organisation by making security highly visible and providing them with the skills and tools to write secure code from the beginning. Our global software security business is growing rapidly, and we are looking to hire a Security Compliance Specialist.Security/Compliance is an integral part of our DNA at Secure Code Warrior. It allows our customers to be confident in our products, while also providing frameworks for well-tuned information security management systems and programs. These standards and frameworks provide clarity to Secure Code Warrior’s internal business teams on how to incorporate security principles in the management of systems, the development of products, and the expansion of our business footprint.You will join Secure Code Warrior as a member of the wider security team, reporting into the Head of Security, Risk & Privacy, specializing in Security/Compliance. You will be instrumental in helping Secure Code Warrior manage and maintain its compliance program, in particular, ISO27X, SOC2 and FedRamp. In addition, you will support our business teams and customers through your security and compliance knowledge and how it pertains to Secure Code Warrior and our products.The ideal candidate will have an aptitude to learn, adapt and thrive in an ever-changing, growing environment.

What Will You Do?

  • Serve as a key member of SCW’s Security Team by supporting and managing compliance activities and monitoring efforts across different regulations (GDPR, SOC2, ISO/IEC, FedRamp etc.).
  • Collaborate cross-functionally. You’ll support our Engineering, Legal, Security, Operations and Revenue teams by translating complex Security concepts to understandable concepts for stakeholders and assist in the review of customer security requirements during the contracting process.
  • Support in-depth security conversations with external Customers and Prospects Infosec teams and provide support in answering external security questionnaires.
  • Take ownership of customer security reviews. You’ll support our revenue and front line business and take ownership of any security reviews requested by our high-touch customers as part of their procurement processes.
  • Have input and contribute to the overall security strategy and roadmap.
  • Manage Incident Response, Business Continuity and Disaster Recovery Compliance Activities.
  • Security Awareness Training - You’ll lead training on our security policies and procedures with employees when they start at SCW and annually thereafter.
  • Vendor procurement and management. You’ll play an important part in our vendor risk assessments at the procurement stage and throughout the lifecycle of our vendor relationships.

What skills and experience should you bring?

  • 5+ years of relevant work experience including at least 3 years in a Security or Compliance role; University degree related to Information Security, Computer Science, or related field
  • Experience in auditing of network, cloud, operating systems, and application technologies.
  • Experience working with security standards and frameworks such as ISO 27X, SOC2 or similar.
  • Experience working closely with auditors to articulate technical concepts
  • Cross-functional and commercially minded. You have an appreciation for commercial drivers, which informs a pragmatic and common sense approach to problem solving without sacrificing technical accuracy.
  • The ability to clearly communicate compliance requirements to internal stakeholders and associated implementation to external customers
  • Ability to work efficiently and independently in a fast-paced, high-volume environment
  • One or more compliance certifications e.g. CRISC, CISM, CISA, CISSP, ISO 27001 Implementer, Architect or Lead Auditor.
  • Willingness to learn. You know that security and compliance practices are constantly evolving and you are eager to keep up with any developments and subsequently implement organizational change.
  • A great attitude to support others. A willingness to help other people, with an open attitude, will be essential to your success.
  • Familiarity working in SaaS environment with AWS cloud highly regarded
  • Familiarity with all NIST 800-53 control families and FedRAMP highly regarded
You're joining us at an exciting stage in our journey, and are key to our future success. You’ll have the opportunity to create impact, deliver on your ideas, and use your spark; experience and expertise to help us live long and prosper. Warriors have full flexibility. We appreciate that you’ll do your best work when you’re rested and energized. With our business operating globally, there’s no 9-5 grind at Secure Code Warrior. You’re encouraged to work the days, times and in the way that suits your best. We also offer generous leave and work from home options so you can make work work for you.   We’re a tight-knit team that values humility, diversity, giving back to the community and to each other. Giving back is key to being a Warrior, and we do what we can to make the world a little bit brighter as we work to make it more secure. Diversity. Inclusion. They’re more than just words for us. They’re the hard-and-fast principles guiding how we build our teams, cultivate leaders and create a company where every single person feels safe and celebrated. We have a global, multicultural following—we want to reflect that inside our walls and ensure people come as they are, we like it that way!

Cyber Security Jobs by Category

Cyber Security Jobs by Location

Cyber Security Salaries