Senior Risk & Compliance Engineer (Contract)
Brás, São Paulo, Brazil
Applications have closed
Panther Labs
Panther alleviates the pain of traditional SIEM with detection-as-code, a robust security data lake, & flexible scalability. Visit our website for a demo or pricing.
The Job
As a Senior Risk & Compliance Engineer at Panther Labs, you will be part of the GRC team focused on our information security risk management and regulatory compliance efforts. You will work directly with leadership, engineering, and other departments to implement and monitor security controls and will play a critical role in ensuring that we meet our security, privacy and compliance commitments.
The Company
Panther is a cybersecurity company with the mission of detecting any breach, anywhere. The company was founded by security practitioners who lived through the difficulty of trying to protect large organizations and wanted to build a solution that many teams could use. Panther solves modern security problems with detection-as-code, a cloud-native architecture, and a robust security data lake. Panther's platform, used by many industry innovators, enables security teams to focus on security, detect attacks, and protect their organizations without prohibitive overhead or excessive operational costs.
Backed by Coatue Management, Lightspeed Venture Partners, S28 Capital, Snowflake Ventures, ICONIQ Growth, and Innovation Endeavors, Panther has raised $140M and is driving innovation and disrupting the cybersecurity space. Panther's customers include industry-leading technology companies such as Figma, Gusto, Coinbase, and Dropbox; most of them are mid-to-large enterprises and modern, cloud-forward technology companies. The company was featured for a second year in a row on EnterpriseTech30's startup list, most recently as #6 on the list of mid-stage, emerging technology companies!
Panther is a remote-first company with a culture of flexibility, written documentation, open company communication, and collaboration. Our values guide our every move: Create Customer Love, Be an Owner, and Take Care of the Team. We believe that by building a diverse group of remote individuals, we can push forward our mission and create a rewarding, inclusive, and fun work environment for our entire team.
The Responsibilities
- Implementing and supporting both current and future compliance reporting requirements, including SOC2, ISO 27001, PCI DSS, HIPAA, FedRAMP and others.
- Developing and maintaining compliance documentation for controls, policies and procedures.
- Working directly with external auditors throughout monitoring periods and compliance engagements.
- Defining, executing, measuring, monitoring and reporting on compliance controls and initiatives.
- Performing TPRM security reviews of new and existing vendors.
- Completing customer security questionnaires (e.g. SIG, CAIQ, CIS, VSA).
The Requirements
- Experience: 4+ years of relevant professional experience (e.g. GRC, Cybersecurity, Internal Audit)
- Must have a technical grasp of cloud computing, cloud security, and engineering workflows.
- Experience with compliance audits, such as SOC2, ISO 27001, PCI DSS, and HIPAA, at a fast-paced, high-growth company that operates in the cloud.
- Familiarity with IT compliance frameworks (e.g. NIST 800-53, SOC2, PCI, HIPAA, ISO 27001)
- Experience testing IT security controls, such as User Access Reviews, Change Management, Backups, Disaster Recovery.
- Experience defining, documenting, updating and mapping controls, policies, procedures, exceptions, risks, assets, vendors and people.
- Experience with GRC platforms and compliance automation applications (e.g. Archer, RiskOptics, Drata, Vanta, Anecdotes).
- Experience with third-party and supplier risk management applications (e.g. Whistic, OneTrust, Loopio, Secureframe).
The Perks
- Remote-friendly
Panther Labs is an Equal Opportunity Employer. The Company prohibits discrimination and harassment on the basis of: race, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding), gender, gender identity, gender expression, sexual orientation, marital status, age, religious creed, physical disability, mental disability, genetic information, military or veteran status, or any other status protected by law. All employment decisions are made on the basis of qualifications, merit, and business need.