InfoSec - Compliance and Customer Assurance Lead

Distributed, AMER

Elastic logo
Elastic
Apply now Apply later

Posted 1 week ago

We’re always on the search for amazing people. People who have a real passion for what they do and are masters at their craft. We are looking for a Compliance and Customer Assurance Lead to join our team in Information Security (InfoSec). The InfoSec team leads the strategy, policy, and programs for information security company-wide. Our responsibilities include risk management, implementing a holistic security program, driving compliance initiatives, recommending and implementing security controls, preventing and detecting security threats, and handling incident response. We do all of this in a globally distributed company, thinking differently about how we best achieve critical information security objectives.

  • Are you passionate about helping an organization establish and maintain a strong security posture?
  • Do you want to be in an InfoSec role that directly supports the overall success of the team and the company?

This could be your dream job, and we'd love to meet you!

What you will be doing:

  • Leading and maturing Elastic’s governance and compliance program to deliver customer trust at scale
  • Striving for a modern compliance and audit experience, powered by data, automation and metrics
  • Building a governance approach that is creative, relevant, and aligned with how we operate as an organization

What you've done:

  • Led a company-wide compliance certification program in a cloud native company, working with some or all of SOC2, ISO 27001, HIPAA, PCI and FedRAMP
  • Developed meaningful policies, standards, and controls in a single framework that were communicated in an approachable manner
  • Worked alongside fast paced engineering teams who use practices like Infrastructure-as-Code, Compliance-as-Code, DevOps and Site Reliability Engineering (SRE)
  • Educating teams, customers, auditors, and regulators on how an organization operates in a way that each audience understands
Job tags: Automation Compliance DevOps FedRAMP HIPAA Incident response ISO 27001 PCI Risk management SOC2 Strategy
Job region(s): Europe Remote/Anywhere
Job stats:  30  3  0
  • Share this job via
  • or