Senior Risk & Compliance Engineer (Contract)

Brás, São Paulo, Brazil

Panther Labs

Panther alleviates the pain of traditional SIEM with detection-as-code, a robust security data lake, & flexible scalability. Visit our website for a demo or pricing.


The Job

As a Senior Risk & Compliance Engineer at Panther Labs, you will be part of the GRC team focused on our information security risk management and regulatory compliance efforts. You will work directly with leadership, engineering, and other departments to implement and monitor security controls and will play a critical role in ensuring that we meet our security, privacy and compliance commitments.

 

The Company

Panther is a cybersecurity company with the mission of detecting any breach, anywhere. The company was founded by security practitioners who lived through the difficulty of trying to protect large organizations and wanted to build a solution that many teams could use. Panther solves modern security problems with detection-as-code, a cloud-native architecture, and a robust security data lake. Panther’s platform, used by many industry innovators, enables security teams to focus on security, detect attacks, and protect their organizations without prohibitive overhead or excessive operational costs.

Backed by Coatue Management, Lightspeed Venture Partners, S28 Capital, Snowflake Ventures, ICONIQ Growth, and Innovation Endeavors, Panther has raised $140M and is driving innovation and disrupting the cybersecurity space. Panther's customers include industry-leading technology companies such as Figma, Gusto, Coinbase, and Dropbox; most of them are mid-to-large enterprises and modern, cloud-forward technology companies. The company was featured for a second year in a row on EnterpriseTech30's startup list, most recently as #6 on the list of mid-stage, emerging technology companies!

Panther is a remote-first company with a culture of flexibility, written documentation, open company communication, and collaboration. Our values guide our every move: Create Customer Love, Be an Owner, and Take Care of the Team. We believe that by building a diverse group of remote individuals, we can push forward our mission and create a rewarding, inclusive, and fun work environment for our entire team.

 

The Responsibilities

  • Implementing and supporting both current and future compliance reporting requirements, including SOC2, ISO 27001, PCI DSS, HIPAA, FedRAMP and others.
  • Developing and maintaining compliance documentation for controls, policies and procedures.
  • Working directly with external auditors throughout monitoring periods and compliance engagements.
  • Defining, executing, measuring, monitoring and reporting on compliance controls and initiatives.
  • Performing TPRM security reviews of new and existing vendors.
  • Completing customer security questionnaires (e.g. SIG, CAIQ, CIS, VSA).

 

The Requirements

  • Experience: 4+ years of relevant professional experience (e.g. GRC, Cybersecurity, Internal Audit)
  • Must have a technical grasp of cloud computing, cloud security, and engineering workflows.
  • Experience with compliance audits, such as SOC2, ISO 27001, PCI DSS, and HIPAA, at a fast-paced, high-growth company that operates in the cloud.
  • Familiarity with IT compliance frameworks (e.g. NIST 800-53, SOC2, PCI, HIPAA, ISO 27001)
  • Experience testing IT security controls, such as User Access Reviews, Change Management, Backups, Disaster Recovery.
  • Experience defining, documenting, updating and mapping controls, policies, procedures, exceptions, risks, assets, vendors and people.
  • Experience with GRC platforms and compliance automation applications (e.g. Archer, RiskOptics, Drata, Vanta, Anecdotes).
  • Experience with third-party and supplier risk management applications (e.g. Whistic, OneTrust, Loopio, Secureframe).


The Perks

  • Remote-friendly

 

Panther Labs is an Equal Opportunity Employer. The Company prohibits discrimination and harassment on the basis of: race, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding), gender, gender identity, gender expression, sexual orientation, marital status, age, religious creed, physical disability, mental disability, genetic information, military or veteran status, or any other status protected by law. All employment decisions are made on the basis of qualifications, merit, and business need.


Tags: Audits Automation Cloud Compliance FedRAMP HIPAA ISO 27001 Monitoring NIST NIST 800-53 PCI DSS Privacy Risk management Snowflake SOC 2

Perks/benefits: Startup environment

Region: South America
Country: Brazil