Security Compliance Specialist

Summary

Join Sayari's Security team as a Data Privacy and Security Manager and play a crucial role in ensuring compliance with global data protection laws and regulations. You will develop and implement data protection standards, analyze global laws (GDPR, CCPA, etc.), work with cross-functional teams, and advise on information security and privacy compliance matters. Responsibilities include creating security policies, overseeing data privacy practices, coordinating audits, responding to customer questionnaires, and leading breach investigations. This position requires extensive experience in data privacy compliance, security audits, and risk management. Sayari offers a competitive compensation package, including performance bonuses, generous leave, a pension plan, and professional development opportunities.

Requirements

• Minimum of 2 years of professional experience ensuring compliance with global data privacy laws and regulations i.e. GDPR, ISO 27018, ISO 27701, Data Privacy Framework, etc
• Minimum of 4 years of professional experience participating in one or more external information security and/or data privacy compliance audits i.e. SOC 2, ISO 27018, ISO 27001, ISO 27701, etc
• Experience responding to customer questionnaires regarding information security and data privacy
• Experience reviewing technical information and data privacy requirements from customers, vendors, and government regulations
• Familiarity with data protection technologies and risk management strategies
• Experience performing internal security and data privacy audits to assess security maturity and provide recommendations prior to external audits
• Experience using a continuous compliance monitoring tool such as Vanta, Drata, etc. to track compliance with multiple frameworks and regulations
• Ability to comprehend penetration test and vulnerability scan results
• Startup experience, or alternatively a multifaceted skillset
• Excellent organization and professional writing capability with strong communication and presentation skills

Responsibilities

• Create and maintain security policies, standards, procedures and guidelines
• Oversee and ensure the company’s data privacy practices align with applicable data protection laws, including GDPR (EU), CCPA (US), and other national or international regulations
• Prepare, plan, and coordinate third-party security compliance audits
• Respond to customer security questionnaires
• Provide guidance on data protection requirements across the organization
• Facilitate independent security assessments and coordinate third-party penetration tests
• Promote a culture of security & data privacy awareness throughout the organization
• Help maintain Company's security awareness programs and ensure engineering team stay informed of top security risks and best practices
• Lead investigations into potential data breaches, ensuring timely resolution and compliance with notification requirements
• Audit and measure security program maturity
• Management of the ISMS with high attention to detail and exceptional organization
• Triage security issues and provide recommended solutions
• Monitor security and data privacy certifications and company compliance requirements
• Manage relationships with vendors and audit their security program

Benefits

• A collaborative, fun and positive culture - you will be part of a successful team passionate about the mission and driving business growth
• Outstanding competitive compensation package
• Performance and incentive bonuses
• Exceedingly generous vacation leave, parental leave, floating holidays, flexible schedule, & other remarkable benefits
• Eligibility to participate in our UK pension plan with a company-sponsored match
• A strong commitment to diversity, equity, and inclusion
• Limitless growth and learning opportunities
• Conference & Continuing Education Coverage
• Team building events & opportunities