Governance, Risk, and Compliance Specialist
Seoul, South Korea
SendBird
Boost app engagement with modern chat, voice and video features. Quickly build your custom in-app experience with Sendbird's Chat API and SDK.Sendbird is elevating our security team with the addition of a Governance, Risk, and Compliance Specialist As part of the march towards our vision of building a powerful user engagement platform, we are putting together a world class Security Team to help secure our customers' data and earn their trust. Specifically, we need a GRC Specialist to help maintain compliance certifications such as SOC2, HIPAA, and ISO27001, as well as managing our Security Risk, Vendor Security, and Customer Trust programs.
What You Will Do
- Own SOC2 , ISO 27001 , HIPAA compliance
- Lead security assessments and interface with regulators on an as needed basis
- Support the security risk assessment process
- Collaborate closely with various teams such as IT , Engineering , HR, Sales, etc.
- Address customer inquiries regarding security by providing clear information and guidance
- Help the vendor due diligence and third-party risk management processes
- Lead efforts to achieve and maintain relevant security certifications in KR and US
- Monitor and track the effectiveness of security controls, implementing continuous improvement to enhance the security posutre
- Provide security awareness training to employee, fostering a culture of security consciousness
- Develop and maintain security documentation, including policies, standards, procedures and guidelines, to ensure consistency and compliance with industry standards
What You'll Bring to the Role
- 5+ year of cybersecurity experience in relevant security domains
- Experience as the main point of contact for GRC related initiatives
- Comfort working with cross functional teams and priorities
- Strong analytical and problem-solving skills
- Ability to work independently and as part of a team
- An ability to communicate ideas clearly and effectively to engineers who know way more than you about their code
- Ability to communicate effectively in English (both written and spoken English)
Bonus Points:
- Experience in managing security compliance audits within a cloud based environment
- Relevant certifications such as CISSP, CISM, CRISC, or CISA
Our KR benefits include (but are not limited to)
- Silicon Valley's equity program (1-year cliff)
- Remote work policy, flexible work hours
Be Your Best Self: 3.9 million won (prorated by start date) for expenses ranging from professional development classes and training, to personality assessments, to gym memberships, to books, to fitness classes, to mental health services, to massages - Support for home office set up such as motion desks, chairs, monitors, and AirPods
- Learn a Language benefit - up to 3.6 million won per year towards language lessons
- Weekly office lunch
- Monthly team building cost
- Partial support for commuting costs
- Free parking at the Seolleung office
- Group insurance support that covers employees, spouses, and children
- Medical checkup support, including MRI and genetic testing - for the employee and one family member
- Seven additional paid holidays in addition to annual leave (Boost leave, Birthday leave, etc.)
- Support for the latest work devices, such as MacBook Pro (special support options for each job position)
- Unlimited snack bar filled with snacks, beverages, and instant noodles every day
- 12-week paid parental leave support (available for both mothers and fathers)
- Other support programs for congratulations and condolences
The Future of Work at Sendbird
Sendbird values both work efficiency and team collaboration, and relationship building. For that purpose, we operate the new Future of Work 2.0 system. Those who live within an hour's commute to work will go to the office once a week to achieve synergy while autonomously choosing the best place and time to work together. Depending on your residence, organization, or nature of work, the frequency of attendance will be determined by consulting with the team.
What diversity and inclusion mean to us
There is no such thing as a perfect candidate and the best employees come from a wide range of backgrounds, experiences, and skill sets. Sendbird is a place where everyone can learn and grow. We respect, promote, and encourage diversity for equal employment opportunities and encourage you to apply if this role excites you.
About Sendbird
At Sendbird, we are building the most scalable and powerful chat API in the world with a mission to build connections in a digital world. Conversations have always been the way people build relationships and get things done and our goal is to put the power of conversations in the hands of every developer and brand by making apps more social through chat, voice and video.
Sendbird is rapidly growing unicorn start-up headquartered in San Mateo, CA with additional offices in; New York, London, Seoul, Singapore, and Bengaluru and has raised over $220M with a $1 Billion+ valuation from leading investors, including: ICONIQ Capital, STEADFAST Capital Ventures, Tiger Global Management, Shasta Ventures, Softbank Vision Fund 2, and Y Combinator.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Audits CISA CISM CISSP Cloud Compliance CRISC Governance HIPAA ISO 27001 Risk assessment Risk management Security assessment SOC 2
Perks/benefits: Career development Flex hours Gear Health care Home office stipend Medical leave Parental leave Salary bonus Snacks / Drinks Startup environment
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open IPS-related jobs