Security Trust & Compliance Program Manager

United States

Everlaw

Transform your approach to litigation and investigations with the world’s most advanced ediscovery software.

At Everlaw, our mission is to promote justice by illuminating the truth, and we’re changing the way that legal teams at law firms, corporations, government agencies, and nonprofits find the information they need to achieve their truth-finding goals. 

We are looking for a dedicated and experienced Security Trust and Compliance Program Manager to enhance and manage our security trust and compliance programs. Our Security Trust and Compliance Program is pivotal to Everlaw’s continued topline revenue growth: more than ever, an organization’s security and compliance posture and robustness is a key factor in a customer’s buying decision. As the Security Trust & Compliance Program Manager, you will collaborate with our corporate IT, engineering, legal, and GTM teams to stay ahead of the curve on security, compliance, and risk regulations and trends. The ideal candidate has a strong background in information security, compliance, and risk management, along with exceptional project and program management skills.

Our company culture is open and vibrant and we’re committed to the professional growth of our team members, offering an annual learning and development stipend and regular check-ins with managers regarding career goals. If you’re looking for a place that values passion, integrity, thinking big, and a desire to learn, we’d love to hear from you! Think you’re missing some of the skills and are hesitant to apply? We do not believe in the ‘perfect’ candidate and encourage you to apply if you feel you can bring value to our team.

 

Getting started

  • We want you to feel like part of the team early on! Our onboarding process will integrate you into the company with informative sessions on our product, policies, processes, and team structure and goals.
  • We’re excited for you to learn, grow, and contribute right away! We trust that you’ll bring experience and knowledge that will uplift and uplevel the team, but we don’t expect you to know everything on Day 1.

In your role, you'll...

Program Management

  • Develop, manage and support comprehensive security trust and compliance programs, working closely with our legal team, security engineering team, and other stakeholder teams.
  • Define and manage program goals and objectives under leadership’s guidance, and in alignment with company objectives.
  • Create and maintain detailed program documentation, including policies, procedures, and guidelines.
  • Implement and track key performance indicators (KPIs) to measure the effectiveness of security trust and compliance programs.
  • Work independently to identify and execute program management activities, document plans and report updates and/or challenges.

Compliance & Trust Program Coordination and Support

  • Lead, execute and manage Everlaw’s security and privacy training awareness programs.
  • Identify and manage security risks and vulnerabilities, and collaborate with the Security Engineering and Corporate IT team to track remediation efforts.
  • Assist the GRC team in performing security risk assessments and developing mitigation strategies.
  • Lead Everlaw’s annual cybersecurity insurance renewal process in collaboration with Finance, SecEng, IT, and other teams.
  • Lead Everlaw’s annual security and operational policies and procedures update initiative in collaboration with Finance, SecEng, IT, and other teams.
  • Support Sr. Compliance Program Managers and Trust Program Manager to help drive program maturity.
  • Coordinate preparation of metrics and status updates, and provide timely updates to the SMT (Security Management Team), SLT (Security Leadership Team), Sales leadership, and other management groups.
  • Develop and deliver security trust reports, metrics and dashboards for management.
  • Perform annual vendor security and privacy risk assessments.
  • Support Trust Program Manager to develop customer facing materials and understand customer needs.
  • During the busy season (quarter end, year end) time frame, assist with customer RFI work.
  • Support compliance and customer security audits and assessments, providing necessary documentation and support.
  • Assist the GRC team with other ad hoc and as-required tasks.

About you

  • You have a Bachelor’s degree in Information Security, Computer Science, Risk Management, or a related field.
  • You have 2-3 years of experience in information security, compliance, or risk management.
  • You have 1-2 years of experience managing security and compliance programs. 
  • You have strong data analytics skills.

Pluses

  • You are familiar with security frameworks and standards (e.g., ISO 27001, NIST, SOC 2).
  • You possess one or more cybersecurity-related certifications (e.g., CISSP, CISM, CRISC, CISA).

Benefits

  • The expected salary range for this role is between $145,000 and $170,000. The final offered salary will be dependent upon many factors including the candidate’s experience and skills. The base pay range is subject to change in the future.
  • Equity program
  • 401(k) retirement plan with company matching
  • Health, dental, and vision
  • Flexible Spending Accounts for health and dependent care expenses
  • Paid parental leave and approximately 10 days (80 hours) per year of sick leave
  • Seventeen paid vacation days plus 11 federal holidays
  • Membership to Modern Health to help employees prioritize mental health and wellness
  • Annual allocation for Learning & Development opportunities and applicable professional membership dues
  • Company-sponsored life and disability insurance
  • Find out more about our Benefits and Perks

Perks

 

  • Flexible work-from-home days on Tuesdays and Fridays
  • Monthly home internet reimbursement
  • Select your preference of hardware (Mac or PC) and customize your desk setup
  • Enjoy a wide variety of snacks and beverages in the office
  • Bond over company-wide out-of-the-box events and fun activities with your team
  • Time off for company-sponsored volunteer events and 4 paid hours per quarter to volunteer at a charitable organization of your choice
  • Take advantage of learning and career development opportunities
  • Ranked #9 on Glassdoor's Best Places to Work 2023 for US small and medium companies
  • One of Wealthfront’s 2021 Career Launching Companies, and ranked #2 on the “2022 Bay Area Best Places to Work” list by the San Francisco Business Times and the Silicon Valley Business Journal
  • One of Fast Company’s World's Most Innovative Companies for 2022 and proud contributor of free ediscovery resources to benefit the greater good through “Everlaw for Good”

 

Pursue Truth While Finding Yours

At Everlaw, we are deeply invested in pursuing the truth, for our clients and for our employees. We know that when you’re empowered to pursue your passions, it is reflected in the work. That’s why we’re committed to the professional growth of all our team members, offering an annual learning and development stipend and regular career check-ins with managers. If you’re looking for a place that values passion, integrity, and a desire to learn, we’d love to hear from you!

About Everlaw

We help law firms, government agencies, and corporations sift through millions of documents of evidence in big lawsuits and investigations to find the proverbial smoking gun (or needle in the haystack -- pick your metaphor). It's a multi-billion dollar space typically dominated by service-oriented vendors, and we're coming at it with cutting-edge technology and elegant design. It's working, and we've been growing very rapidly: we host hundreds of terabytes of data and work with all 50 state Attorneys General and hundreds of law firms on some of the most high-profile cases litigated today.

Everlaw is an equal opportunity employer. We pride ourselves on having a diverse workforce and we do not discriminate against any employee or applicant because of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law. We respect the gender, gender identity and gender expression of our applicants and employees, and we honor requests for pronouns. It is our policy to comply with all applicable national, state and local laws pertaining to nondiscrimination and equal opportunity, including the California Equal Pay Act. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Everlaw requires all of its employees to be fully vaccinated for COVID-19, unless a medical or religious exemption applies. If you are hired, we will require you to prove that you have received the COVID-19 vaccine, unless you have received a medical or religious exemption.

We collect and process the personal information you provided along with your job application in accordance with our Applicants Privacy Notice and Notice at Collection.

Tags: Analytics Audits CISA CISM CISSP Compliance Computer Science CRISC Data Analytics Finance ISO 27001 KPIs NIST Privacy Risk assessment Risk management SOC SOC 2 Vulnerabilities

Perks/benefits: Career development Equity / stock options Flex hours Flex vacation Health care Home office stipend Insurance Medical leave Parental leave Snacks / Drinks Startup environment Team events Wellness

Region: North America
Country: United States
