Compliance Specialist, GRC
San Francisco, CA; Austin, TX
Airtable
Airtable is a low-code platform to build next-gen apps. Move beyond rigid tools, operationalize your critical data, and reimagine workflows with AI.
Airtable’s mission is to enable anyone to create software. Users can only create fearlessly when they trust that their data is safe with us. Therefore, Airtable needs to ensure that the data its customers store and process in its platform is secure and protected.
Airtable is looking for someone who wants to work in a fast-paced and dynamic environment, who is highly motivated, independent, passionate, collaborative, and humble, and who wants to make a difference and really grow Airtable’s compliance program.
What you'll do
- Lead, implement, maintain, and improve Airtable compliance initiatives and audits (e.g. SOC 2, ISO 27001, etc.).
- Manage Airtable’s Common Control Framework (CCF)
- Collect and manage evidence for audits.
- Build out and document a System Security Plan.
- Work with other teams such as Engineering, IT, and HR to ensure compliance across the organization.
- Consult on the compliance requirements for existing and new controls.
- Act as the primary point of contact for auditors and stakeholders with respect to audits, assessments and product compliance.
- Manage & track findings from identification to closure. Ability to evaluate & review a plan of action and determine if the proposed plan meets control requirements.
- Coordinate projects and implementation for new sought-after compliance certifications such as NIST CSF, FedRAMP, HIPAA
- Learn more about our Engineering team and values here.
- 5+ years experience in internal audit or compliance with emphasis on using frameworks such as SOC2, NIST 800-53, NIST CSF, and/or ISO27001
- FedRAMP and/or HIPAA experience
- Experience and familiarity with cloud data compliance and working with public cloud solutions (AWS)
- Independent self-starter, ability to manage multiple projects simultaneously
- Detail-oriented and organized, with good analytical and problem-solving skills
- Flexible and able to change gears and focus depending on team and company priorities
- Certification in Security such as CISA, CISSP is a plus
- Big4 experience is a plus
- Experience using a GRC tool is a plus
- NIST CSF Maturity Model experience is a plus
Compensation awarded to successful candidates will vary based on their work location, relevant skills and experience. The base salary range for this role is $171,108 - $222,068 for all office and remote locations. Our total compensation package also includes the opportunity to receive benefits, restricted stock units, and may include incentive compensation. To learn more about our comprehensive benefit offerings, please check out Life at Airtable.
Airtable is an equal opportunity employer. We embrace diversity and strive to create a workplace where everyone has an equal opportunity to thrive. We welcome people of different backgrounds, experiences, abilities, and perspectives. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any characteristic protected by applicable federal and state laws, regulations and ordinances. Learn more about your EEO rights as an applicant.
VEVRAA-Federal Contractor
If you have a medical condition, disability, or religious belief/practice which inhibits your ability to participate in any part of the application or interview process, please complete our Accommodations Request Form and let us know how we may assist you. Airtable is committed to participating in the interactive process and providing reasonable accommodations to qualified applicants.
Please see our Privacy Notice for details regarding Airtable’s collection and use of personal information relating to the application and recruitment process by clicking here.
Tags: Airtable Audits AWS CISA CISSP Cloud Compliance FedRAMP HIPAA ISO 27001 NIST NIST 800-53 Privacy SOC SOC 2 System Security Plan
Perks/benefits: Flex hours