Senior Security And Compliance Manager

Snapsheet
Summary
Join Snapsheet as our Senior Security and Compliance Manager and take ownership of our compliance function, ensuring our security framework scales effectively. This critical role within our IT and security team involves managing audits, strengthening security controls, and overseeing compliance training programs. You will collaborate with department leadership to maintain and enhance security standards while driving compliance with key frameworks like SOC 2, ISO 27001, and GDPR. The position offers a remote work environment with flexibility and numerous benefits. We are seeking a candidate with extensive experience in compliance program management and a proven track record of leading SOC 2 audits. Snapsheet is committed to building a diverse and inclusive workplace.
Requirements
- 6+ years of relevant professional experience
- 2+ years managing compliance programs for SOC 2, ISO 27001, GDPR, or similar frameworks at a software company with 100+ employees
- Proven track record of leading SOC 2 audits from start to finish, including meetings and providing evidence to auditors
- Strong IT skills, including experience in monitoring, networking, and mobile device management, with a focus on security
- Ability to manage and improve compliance processes, including tracking training programs, running penetration tests, and conducting routine internal audits
- Strong program management and organizational skills, with experience coordinating cross-functional stakeholders and managing security reviews
Responsibilities
- Lead the execution of SOC 2 audits and oversee future ISO 27001 compliance efforts
- Lead implementation of Snapsheet's Data Privacy Policy based on GDPR
- Conduct internal security and compliance audits, identifying risks, escalating issues, and implementing corrective actions
- Manage client-facing security reviews, responding to due diligence questionnaires and providing audit evidence to external auditors
- Shape Snapsheet's security posture, evolving compliance programs to meet the increasing complexity of operations
- Build a scalable and robust security framework, ensuring compliance with industry best practices
- Oversee IT security tasks and align them with compliance requirements
- Monitor and improve SLAs for security incidents, ensuring timely resolution of compliance gaps
- Assist in management and continuous improvement of compliance training
- Collaborate with legal, procurement, and IT teams to integrate vendor security into the vendor lifecycle
- Work closely with leadership to enhance security initiatives and scale programs as Snapsheet grows
Preferred Qualifications
- Bonus: certifications such as GSEC, CRISC, CIPM, CISM, or ISO 27001
Benefits
- Remote working environment
- Flexibility - empathy is ingrained in who we are and we are happy to offer a flexible PTO policy, casual dress code, and more!
- Development - Mentorship programs, 1-on-1 management, promote when ready culture, quarterly internal promotion opportunities, and goal setting sessions
- Fun - Celebrations just because, yearly in-person and remote events, Snapsheet Swag, Employee Resource Groups, and more!
- Medical, dental and vision insurance through Blue Cross Blue Shield
- Unlimited PTO
- 4% 401k match program
- Monthly internet stipend
- Employee Assistance Program: offers 6 visits with trained counselors per life incident
- Yearly in-person events including our annual Summit and Roadshows
- Computer and equipment provided
- Snapsheet SWAG and mailers
- Unlimited opportunity for career growth, learning and company impact
- MacBook Pros with dual displays
- Open Hack Days twice a month