Costa Rica_ Senior Compliance Specialist
Costa Rica, Remote
Zuora
Zuora is the industry leader in subscription management. Build, run and grow your subscription business with Zuora’s suite of advanced billing and revenue recognition tools.YOUR MISSION:
The role of a Compliance Engineer is to work with our Trust and Compliance team to:
- Drive security compliance efforts from the beginning to the end by maintaining a positive relationship with both internal and external stakeholders
- Maintain compliance documentation, including audit evidence, controls, and vendor security reviews
- Design, implement, maintain, and improve programs to address key company risks and prepare internal teams for independent assessments against a wide variety of regulatory and compliance frameworks (PCI, SOC, ISO 27XXX, HIPAA, GDPR, etc)
- Monitor the performance of the compliance program through the development of and maintenance of automated systems.
- Work with cross functional teams to identify risks and gaps in our compliance controls and facilitate remediation across our products and infrastructure.
- Assist with completing security questionnaires from customers and answering customer questions with respect to compliance; work with the internals team to create customer collateral to educate internal staff and aid in the sales process
- Assist with requesting/reviewing security questionnaires/contracts from vendors and identify security risks and gaps in the compliance controls to aid in the procurement process
- Develop automations of risk management, control execution and monitoring
WHAT YOU’LL NEED TO BE SUCCESSFUL
- 3+ years of experience with a demonstrated track record of success in GRC, internal audit, security, and/or privacy space.
- Knowledge of various compliance frameworks (PCI, SOC2, ISO 27001, ISO 27018, HIPAA, GDPR, etc.)
- Strong experience with any scripting languages like Ruby, Python, Unix shell, bash, etc.
- Functional knowledge of multiple security domains and information security industry standards and best practicess
- Experience leading 3rd party risk management programs, including responding to customer security questionnaires, interacting directly with customer sales and security teams, and reviewing vendor security
- Solid experience managing compliance initiatives for cloud platforms and interacting with external auditors
- Strong project management skills
- Strong written and verbal communication skills
NICE TO HAVEs
- A mix of experiences at a Big Four (or similar) audit or consulting firm and at an in-house governance, risk, and compliance function at a SaaS company
- Industry recognized certification in security ISO 27001 LA / LI D desire to pursue CISSP, CISA, CISM, CCSK, etc. in 6 months.
- Experience working in an international / global organization
Tags: Bash CISA CISM CISSP Cloud Compliance GDPR Governance HIPAA ISO 27001 Monitoring Privacy Python Risk management Ruby SaaS Scripting SOC SOC 2 UNIX
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open DevSecOps-related jobs
- Open CI/CD-related jobs