Senior Manager of Compliance

Remote (Canada), Remote (United States)


Get the best continuous integration and delivery for any platform, in our cloud or on your own infrastructure.

CircleCI is looking for a Senior Manager of Compliance! In this role, you will own CircleCI’s technical Compliance function and work with various areas of the business to design, implement, and manage GRC initiatives which support the company’s ongoing business and security needs.

In addition to managing the overall Compliance function, you will - in conjunction with the existing team - interpret and set CircleCI’s compliance requirements, assess the effectiveness of implemented security controls, use risk-based decision-making, participate in cross-functional teamwork and communication, and stay up-to-date on standard compliance methodologies.

What You’ll Do:

  • Lead, coordinate, maintain, and improve CircleCI’s Compliance program
  • Supervise and improve the processes and controls used to maintain our SOC 2 and FedRAMP certifications
  • Collaborate with both auditors and business partners, articulate control implementation and impact, and describe considerations for applying security and compliance concepts in a technical cloud environment
  • Participate in day-to-day compliance triaging and support activities
  • Work cross-functionally to remediate compliance control gaps, including documenting and communicating findings with partners and team members
  • Keep up to date on regulatory changes that may impact CircleCI’s compliance efforts
  • Coach and mentor current team members to build an outstanding Compliance team

What You Bring:

The ideal candidate is a diligent, technical, and experienced compliance professional with a background in leadership, implementation, regulatory control requirements, process improvement and compliance risk analysis.

  • 7+ years of experience in compliance, preferably with experience leading the Security/GRC function in a Cloud/SaaS environment
  • Demonstrated experience achieving and maintaining compliance certifications for a SaaS service (preferably, FedRAMP and SOC 2)
  • In-depth knowledge of FedRAMP, NIST 800-53 security controls, and the NIST 800-37 risk management framework, and of building and running the federal compliance program
  • Comfort leading cross-functional resolutions of risk and compliance issues
  • Excellent verbal and written communication skills. You can write and manage large technical documents and translate technical concepts into clear terms for non-technical audiences
  • Passion for workflows, processes, tools and team dynamics and how these impact a company’s ability to scale
  • An understanding of Compliance’s role in the procurement process
  • Familiarity with both project management and audit, risk, and compliance software
  • CRISC, CISM, CISA or CISSP or similar industry certifications a plus

About CircleCI

CircleCI is the world’s largest shared continuous integration/continuous delivery (CI/CD) platform, and the hub where code moves from idea to delivery. As one of the most-used DevOps tools - processing more than 1 million builds a day - CircleCI has unique access to data on how engineering teams work, and how their code runs. Companies like Spotify, Coinbase, and BuzzFeed use us to improve engineering team productivity, release better products, and get to market faster.

Founded in 2011 and headquartered in downtown San Francisco with a global, remote workforce, CircleCI is venture-backed by Base10, Greenspring Associates, Eleven Prime, IVP, Sapphire Ventures, Top Tier Capital Partners, Baseline Ventures, Threshold Ventures, Scale Venture Partners, Owl Rock Capital, Next Equity Partners, Heavybit and Harrison Metal Capital.

CircleCI is an Equal Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law.


US Salary Range: $150,000 - $215,000

Tags: CI/CD CircleCI CISA CISM CISSP Cloud Compliance CRISC DevOps FedRAMP NIST Risk analysis Risk management SaaS SOC SOC 2

Perks/benefits: Equity Team events

Regions: Remote/Anywhere North America
Countries: Canada United States