Compliance Analyst II, Data Protection & Privacy

United States

Applications have closed


HashiCorp delivers consistent workflows to provision, secure, connect, and run any infrastructure for any application.

View company page

Compliance Analyst II, Data Protection and Privacy

We’re looking for an individual well versed in the cloud environment and associated technical controls to help continually develop and mature the data protection and privacy program. This role will be heavily focused on assisting with building out, automating, and managing data protection and privacy operations capabilities across HashiCorp. We’re looking for a self-motivated individual who thrives in fast-paced environments, can seamlessly drive efforts with multiple stakeholders to accomplish large goals, has demonstrable experience in operational privacy and data protection and is comfortable working across the breadth and depth of a large program.Security at HashiCorp is a remote team. While prior experience working remotely isn't required, we are looking for team members who can perform well given a high level of independence and autonomy.

HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.

In this role, your responsibilities will include to:

  • Lead multiple work streams and/or teams to execute against project plans
  • Prioritize and manage completing competing efforts within the privacy and GRC function
  • Drive maintaining awareness of data in our cloud products and corporate systems
  • Document new or expanding processes and controls for data privacy and data management
  • Manage risk registers and help track risk remediation
  • Lead relevant internal controls testing and audit readiness preparation
  • Help lead data protection efforts and program build out, including associated controls
  • Manage external customer communications regarding privacy and the control environment
  • Define, collect, and report on metrics for the privacy program
  • Continually improve the privacy program, policies, and processes
  • Help with common GRC activities as needed

Must-Have Qualifications

  • 4+ years of experience with security or privacy controls development/management
  • ​​Experience with controls in a cloud environment
  • High-level understanding of privacy regulations and requirements, such as CCPA & GDPR
  • Experience with creating and implementing technical controls for data privacy and/or information security requirements
  • Strong risk management  experience, including management of the risk lifecycle
  • Comfortable working with both deeply technical and non-technical audiences
  • Able to develop relationships in a highly cross functional environment
  • Highly responsive and with a customer first mindset 
  • Flexibility in daily hours (i.e., willingness to work longer hours during end of quarter, peak periods and audits)
  • Ability to prioritize and track multiple competing projects in parallel

Desired Qualifications

  • 5+ years of relevant experience, including enhancing a privacy program
  • Understanding of evolving privacy landscape and introduction of new laws and regulations globally 
  • Previous experience at a technology or SaaS company in similar role
  • Relevant certifications, including from ISACA (e.g., CISA, CISSP) or IAPP (e.g., CIPP/E, CIPM, CIPT)

About the Application Process

Please note, as communication is a critical aspect of how we work, a cover letter is a great way to provide a sample of how you communicate. In your cover letter, describe why you're interested in working at HashiCorp, and what draws you to this role in particular.

HashiCorp embraces diversity and equal opportunity. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe the more inclusive we are, the better our company will be.



Canada, Colorado, California, Washington and New York Applicants: To view base salary ranges for this role in your location and to learn more about which roles are eligible for bonus pay or commissions, please visit our Pay Transparency Calculator below. Individual pay within the range will be determined based on job related-factors such as skills, experience, and education or training. Information on our benefits can be found via the link below. Intern ranges can be found below.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits CCPA CIPP CISA CISSP Cloud Compliance GDPR ISACA Privacy Risk management SaaS

Perks/benefits: Team events

Regions: Remote/Anywhere North America
Country: United States
Job stats:  39  7  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.