InfoSec - Senior Manager - Governance and Compliance

Elastic is an open source search company that powers enterprise search, observability, and security solutions built on one technology stack that can be deployed anywhere. From finding documents to monitoring infrastructure to hunting for threats, Elastic makes data usable in real time and at scale. Thousands of organizations worldwide, including Barclays, Cisco, eBay, Fairfax, ING, Goldman Sachs, Microsoft, The Mayo Clinic, NASA, The New York Times, Wikipedia, and Verizon, use Elastic to power mission-critical systems. Founded in 2012, Elastic is a distributed company with Elasticians around the globe. Learn more at elastic.co

 

About the Team :

We’re always on the search for amazing people. People who have a real passion for what they do and are masters at their craft. We are looking for a leader in Governance and Compliance to join our team in Information Security (InfoSec).

The InfoSec team leads the strategy, policy, and programs for information security company-wide. Our responsibilities include risk management, implementing a comprehensive security program, driving compliance initiatives, recommending and implementing security controls, preventing and detecting security threats, and handling incident response. We do all of this in a globally distributed company, thinking differently about how we best achieve critical information security objectives.

• Are you passionate about helping an organization maintain and communicate a strong security posture?
• Do you want to be part of a modern InfoSec team that steps out of the shadows and embraces radical transparency?
• Would you thrive in an InfoSec role that directly contributes to the growth and overall success of the company?

This could be your dream job, and we'd love to meet you!

What You Will Be Doing:

• Managing and maturing Elastic’s compliance certification program to deliver customer trust at scale.
• Striving for a modern compliance and audit experience, powered by data, automation and metrics.
• Building a governance approach that is creative, relevant, and aligned with how Elastic operates as an organization.
• Enabling the business by providing trusted security content and compliance artifacts via self-service channels, both internally and directly to customers.

What You Bring Along:

• Proven experience managing a team of Security Analysts.
• Experience owning a compliance and certification program in a global, cloud native company, working with some or all of FedRAMP, IRAP, SOC2, ISO 27001, HIPAA, and PCI.
• A high degree of autonomy, combining the ability to prioritize and coordinate with a strong attention to detail.
• A passion for partnering with fast paced engineering teams using practices like Infrastructure-as-Code, Compliance-as-Code, DevOps and Site Reliability Engineering (SRE).
• A willingness to embrace change and do things differently.
• Experience educating teams, customers, auditors, and regulators on how an organization operates in a way that each audience understands.

 

Compensation for this role is in the form of base salary.  This role does not have a variable compensation component.  

The typical starting salary range for new hires in this role is listed below.  In select locations (including Seattle WA, Los Angeles CA, the San Francisco Bay Area CA, and the New York City Metro Area), an alternate range may apply as specified below. 

These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting.  We may ultimately pay more or less than the posted range, and the ranges may be modified in the future.  

An employee's position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.

Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders. Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic's stock program.  Our total rewards package also includes a company-matched 401k with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being.

The typical starting salary range for this role is:$152,200—$240,700 USDThe typical starting salary range for this role in the select locations listed above is:$182,700—$289,000 USD

Compensation for this role is in the form of base salary.  This role does not have a variable compensation component.  The typical starting salary range for new hires in this role is listed below. 

These ranges represent the lowest to highest salary we reasonably and in good faith believe we would pay for this role at the time of this posting.  We may ultimately pay more or less than the posted range, and the ranges may be modified in the future.  

An employee's position within the salary range will be based on several factors including, but not limited to, relevant education, qualifications, certifications, experience, skills, geographic location, performance, and business or organizational needs.

Elastic believes that employees should have the opportunity to share in the value that we create together for our shareholders. Therefore, in addition to cash compensation, this role is currently eligible to participate in Elastic's stock program.  Our total rewards package also includes a company-matched Registered Retirement Savings Plan (RRSP) with dollar-for-dollar matching up to 6% of eligible earnings, along with a range of other benefits offered with a holistic emphasis on employee well-being.

The typical starting salary range for this role is:$154,000—$243,600 CAD

Additional Information - We Take Care of Our People

As a distributed company, diversity drives our identity. Whether you’re looking to launch a new career or grow an existing one, Elastic is the type of company where you can balance great work with great life. Your age is only a number. It doesn’t matter if you’re just out of college or your children are; we need you for what you can do.

We strive to have parity of benefits across regions and while regulations differ from place to place, we believe taking care of our people is the right thing to do.

• Competitive pay based on the work you do here and not your previous salary
• Health coverage for you and your family in many locations
• Ability to craft your calendar with flexible locations and schedules for many roles
• Generous number of vacation days each year
• Double your charitable giving - We match up to $1500 (or local currency equivalent)
• Up to 40 hours each year to use toward volunteer projects you love
• Embracing parenthood with minimum of 16 weeks of parental leave

Different people approach problems differently. We need that. Elastic is committed to diversity as well as inclusion. We are an equal opportunity employer and committed to the principles of affirmative action. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status or any other basis protected by federal, state or local law, ordinance or regulation. If you require any reasonable accessibility support, please email candidate_accessibility@elastic.co.

Applicants have rights under Federal Employment Laws, view posters linked below: Family and Medical Leave Act (FMLA) Poster; Equal Employment Opportunity (EEO) Poster; and Employee Polygraph Protection Act (EPPA) Poster.

Please see here for our Privacy Statement.