Security Compliance Manager
San Francisco
Hive
Hive's APIs enable developers to integrate pre-trained AI models that address technically challenging content understanding needs into their applications.Hive is the leading provider of cloud-based AI solutions for content understanding, trusted by the world’s largest, fastest growing, and most innovative organizations. The company empowers developers with a portfolio of best-in-class, pre-trained AI models, serving billions of customer API requests every month. Hive also offers turnkey software applications powered by proprietary AI models and datasets, enabling breakthrough use cases across industries. Together, Hive’s solutions are transforming content moderation, brand protection, sponsorship measurement, context-based ad targeting, and more.
Hive has raised over $120M in capital from leading investors, including General Catalyst, 8VC, Glynn Capital, Bain & Company, Visa Ventures, and others. We have over 250 employees globally in our San Francisco, Seattle, and Delhi offices. Please reach out if you are interested in joining the future of AI!
Security Compliance Manager
We are looking for a highly motivated Security Compliance Manager with a deep security and compliance background to lead system development and process improvement. As part of Hive’s Security Team, you will collaborate with engineers and auditors to meet security compliance controls as well as enhance security compliance capabilities.
As a Security Compliance Manager, you will oversee the execution of our Information Security program for evaluating compliance with industry standards (ISO, SOC), federal regulations, and customer contractual requirements. You will have complete ownership and accountability of programs from start to finish, aimed at improving the Hive Company personnel screening compliance and risk monitoring. The ideal candidate is comfortable interacting with both technology and business leaders across the organization at all levels. You will drive consensus among stakeholders and verify that controls are effective, or remediated to become effective.
Responsibilities
- Manage Hive’s current risk management program
- Manage external and internal audits, including reviewing materials that require attention for accuracy and properly adhering to regulatory expectations
- Implement ISMS in coordination with executive and mid-level management
- Develop reports that capture key business trends, highlights, lowlights, and metrics as the compliance programs are conducted. Provide status, recommended updates, and detailed metrics and evidence
- Work with Engineering and Product teams to identify process improvements and efficiencies in areas of change management, access management and general technology process controls
- Provide compliance, risk, and controls expertise to support information security and compliance initiatives
- Protect the business by assisting with cyber security risk assessments
- Maintain awareness of industry best practices for data maintenance handling as it relates to your role
- Manage a comprehensive Governance, Risk and Compliance program
- Adhere to and champion policies, guidelines and procedures pertaining to the protection of information assets
- Manage external security, privacy, and compliance requirements, including both internal requirements for vendors as well as external requirements placed on Hive
- Report actual or suspected security and/or policy violations/breaches
- Define, develop, implement, and maintain our policies and processes that enable consistent, effective privacy practices that minimize risk and ensure the confidentiality of protected information, paper and/or electronic, across all media types and comply with applicable privacy laws and regulations
- Support Hive’s security review process from beginning to end by identifying all necessary internal stakeholders based on the request (e.g., security survey, audit, review), assembling relevant and appropriate documentation, drafting responses, scheduling and leading calls/meetings, and communicating follow-up activities
- Serve as a subject matter expert for information security principles and practices (especially as they pertain to vendors and cloud security), and promoting a culture of security throughout the firm
- Interface with staff throughout the firm to facilitate the efficient and secure use of technology services
Requirements
- Bachelor's degree or related experience
- Minimum 4+ years experience related to conducting risk-based assessment for information systems and/or operations
- Minimum 1+ years experience running a comprehensive Governance, Risk and Compliance program
- Minimum 2+ years experience leading industry standard (ISO 27001 or SOC 1/2) audits from either side
- Strong knowledge of applicable privacy laws (CCPA/CPRA, GDPR)
- Thorough understanding of vulnerability management, penetration testing, and attack simulations
- Experience supporting enterprise-wide Security Compliance programs designed to anticipate, assess, and minimize control gaps and audit findings
- Ability to communicate in a written and oral format to technical and non-technical audiences in a business-friendly manner
- Demonstrated success in a competitive environment
- Highly self-motivated and ambitious in achieving goals
- Strong team player, but can work and execute independently
- Driven; no one needs to push you to excel; that’s just who you are
- Hungry to learn and actively look for opportunities to contribute
- Highly organized and detail-oriented; can handle multiple projects and dynamic priorities without missing a beat
We are a group of ambitious individuals who are passionate about creating a revolutionary AI company. At Hive, you will have a steep learning curve and an opportunity to contribute to one of the fastest growing AI start-ups in San Francisco. The work you do here will have a noticeable and direct impact on the development of the company.
Thank you for your interest in Hive and we hope to meet you soon!
Tags: APIs Audits CCPA Cloud Compliance GDPR Governance ISMS ISO 27001 Monitoring Pentesting Privacy Risk assessment Risk management SOC SOC 1 Vulnerability management
Perks/benefits: Career development Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open EDR-related jobs