Senior Director, Compliance
San Francisco, CA, United States
Applications have closed
Procore Technologies
Die All-in-One-Software für das Baumanagement, die Ihnen hilft, hochwertige Projekte zu realisieren – sicher, pünktlich und im Rahmen des Budgets.Job Description
What if you could use your skills to develop a solution that impacts the way communities’ hospitals, homes, sports stadiums, and schools across the world are built? Construction impacts the lives of nearly everyone in the world, and yet it is also one of the world’s least digitized industries, not to mention one of the most dangerous. That’s why we’re looking for a talented Senior Director, Compliance, to join Procore’s journey to revolutionize a historically under-served industry.
As Senior Director, Compliance, you’ll partner cross-functionally to develop and implement a comprehensive technical compliance strategy in line with business and security objectives. You’ll lead the effort to interpret compliance regulations into actionable controls and corresponding processes, policies, and oversight.
This position will report into the Chief Security Officer and has the opportunity to be based remotely in the United States. We are looking for someone to join us immediately.
What you’ll do:
- Lead a team of technical compliance analysts and associated contractors
- Work collaboratively within Data, Technology, and Security organization as well as cross-functionally with Product & Technology (P&T), Legal & Regulatory Compliance (LRC), and Enterprise Risk Management/Internal Audit (ERM/IA) teams
- Responsible for the creation and delivery of overall technical compliance and security roadmaps
- Accountable for technical compliance project and portfolio initiatives - including monitoring costs, resources, and scheduling
- Monitor compliance-led initiatives against KPIs, managing project risks, stakeholders, and excellent project delivery
- Interpret compliance regulations such as ISO27001, SOC1, SOC2, and NIST800-171 into actionable controls, with corresponding processes, policies, oversight
- Design, implement, and improve PCOR’s common/unified controls framework to reduce audit fatigue
- Direct the development or implementation of compliance-related policies and procedures throughout an organization
- Own coordination and oversight of the IT General Controls program at Procore and design controls in line with Procore policies & procedures and regulatory requirements
- Interprets and develops controls, policies, and SOPs to support compliance with various regulatory requirements
- Monitors, researches, analyzes, and interprets federal and state regulations to determine applicability and risks to IT operations
- Keep informed regarding pending industry changes, trends, and best practices and assess the potential impact of these changes on organizational processes; prepare management reports regarding compliance operations and progress
- Identify, assess, and advise on compliance risks and controls to a variety of stakeholders and customers.
- Works with internal and external audit, business process, and IT owners on policies, processes, and support of controls; represents IT Compliance to internal or external auditors in compliance reviews
What we’re looking for:
- Bachelor’s degree in Cybersecurity, Information Systems, Business, or related disciplines (Masters preferred); 12+ years total in the industry - a mixture of experience with Big 4/consulting firms, technical specialist, and managerial experience preferred
- Experience in Security and Compliance standards like ISO 27001, SOC I & II, NIST, CMMC, FedRamp, etc.; experience in prior SaaS Companies is a major advantage
- Seasoned IT/Technical Compliance Director who can work independently, collaboratively, and lead a team
- Strong leadership and managerial skills; self-sufficient and self-motivated; capable of working with ambiguity in a dynamic environment
- Outstanding written and verbal communication skills - will need to document policies and procedures, and articulate them well across all levels at Procore
- Strong collaboration and negotiation skills and demonstrated ability to manage multiple projects and priorities
- Creative, business-first approach to Technical Compliance
- CISA, CISM, CISSP, and other certifications is a plus
Additional Information
Base Pay Range $184,800-$254,100 Incentive Compensation: Bonus Eligible Procore is committed to offering competitive, fair, and commensurate compensation, and has provided an estimated pay range for this role. Actual compensation will be based on a candidate’s job-related skills, experience, education or training, and location.Perks & Benefits
You are a person with dreams, goals, and ambitions—both personally and professionally. That's why we believe in providing benefits that not only match our Procore values (Openness, Optimism, and Ownership) but enhance the lives of our team members. Here are just a few of our benefit offerings: generous paid vacation, employee stock purchase plan, enrichment and development programs, and friends and family events.
About Us
Procore Technologies is building the software that builds the world. We provide cloud-based construction management software that helps clients more efficiently build skyscrapers, hospitals, retail centers, airports, housing complexes, and more. At Procore, we have worked hard to create and maintain a culture where you can own your work and are encouraged and given resources to try new ideas. Check us out on Glassdoor to see what others are saying about working at Procore.
We are an equal opportunity employer and welcome builders of all backgrounds. We thrive in a diverse, dynamic, and inclusive environment. We do not tolerate discrimination against employees on the basis of age, color, disability, gender, gender identity or expression, marital status, national origin, political affiliation, race, religion, sexual orientation, veteran status, or any other classification protected by law.
Tags: CISA CISM CISSP Cloud CMMC Compliance FedRAMP ISO 27001 KPIs Monitoring NIST Risk management SaaS SOC SOC 1 SOC 2 Strategy
Perks/benefits: Competitive pay Salary bonus Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs