Security And Compliance Specialist

Details of the offer

We are looking for a Security and Compliance Specialist in New Zealand! This role is remote , that said most of our team is in Auckland.

We have already passed hundreds of security checks and have annual compliance audits. Our ideal candidate is someone who has also successfully helped a small company pass many Enterprise security checks. You take security seriously, but you also value efficiency and you are pragmatic. We are open to making this role part-time, e.g. 3 or 4 days a week.

About Thematic Thematic is a SaaS platform for customer feedback analysis, powered by the latest AI algorithms. Our goal is to empower companies to get clear and accurate insights from customer feedback in a fast and effortless way. We work with the likes of Google, LinkedIn and Doordash (just to name a few). Our users are researchers, analysts and product operations people. By getting a faster understanding of customer needs, our customers improve their customer metrics, and grow faster. Our ideal customers are enterprises who care about security and AI governance. Your goal is to help them assure that we are aligned with their needs, which will ultimately help us grow.

We've been around since 2017 and are a fully remote team of 20+. Our R&D happens in New Zealand, our sales focus has been mainly in the US. We use modern tools like Slack, Jira and Zoom for communication and collaboration. We strive to minimize meetings, but also dedicate time to build a diverse and inclusive company culture. We are well funded (YCombinator, AirTree) and profitable.

A successful Security Engineer at Thematic will be the go-to person for the sales team to help fill out and respond to security questions. You will also be responsible for SOC2 audit as well as implementing the processes required for compliance.

Thematic has already had a SOC2 Type II audit for the last 7 years and will continue annual audits.

Your job focus will be as follows: Security questionnaires - (Our current volume varies, some weeks 2-3, others zero)
You'll be the first point of communication for any security-related matters
You'll communicate with others via Slack and with external security teams via email / Zoom / Teams
You'll fill out security questions in a timely manner, and if necessary jump in after hours / on weekends for time-sensitive compliance projects (We'll keep these at a minimum)
You'll collaborate with other teams to find answers, if necessary
You'll collaborate with other teams to ensure any requirements or changes to processes or infrastructure are implemented
You'll ensure the filling out of security forms is efficient and quick
You'll create artifacts that help sales team communicate with external security teams e.g. our AI Governance practices
Compliance audits - (Once a year, your first one will be at the end of 2025)
You'll be the first point of contact for the SOC2 auditors
You'll lead our annual SOC2 compliance and review (around 8 weeks part-time)
You'll ensure we are following security practices necessary to pass SOC2 compliance in an efficient manner (throughout the year, depending on time available)
You will use Confluence and Jira heavily, and you'll use other tools required for evidence preparation
Throughout, you'll strive to understanding of business context and correlate the effort required for compliance initiative with business impact
Controls and policy management - (Ensure these are appropriate and up to date)
Review and maintain policy documents
Research and write policy documents and updates to existing documents as they are needed
Ensure controls are in place for compliance with policy documents
Monitor compliance throughout the year and work with other teams to ensure they remain compliant

Requirements Our ideal candidate has the following expertise:
Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field. Relevant professional certifications (e.g., CISA, CISSP, CISM) are a plus
Minimum of 2 years of experience in managing or leading SOC2 compliance efforts, including preparation for audits and maintaining ongoing compliance
Proven track record of efficiently completing security questionnaires for SaaS or technology companies
Excellent verbal and written communication skills, with the ability to convey complex security and compliance concepts to diverse audiences
Exceptional attention to detail and accuracy in documentation and reporting
Strong analytical and problem-solving skills, with the ability to develop innovative solutions to complex compliance challenges.

Nice to have: Strong understanding of cloud infrastructure (e.g., AWS, Azure, GCP) and security best practices if security work is necessary.
Demonstrated experience in designing and implementing scalable processes for evidence collection and management to support compliance initiatives
Experience working cross-functionally with various teams, such as IT, Legal, and Product, to ensure company-wide compliance with security standards

Benefits We know someone like you is in demand right now, so why should you choose to work with us? Well, we take care of our team!
You'll have a base salary of $80,000-$100,000 per year (negotiable, and depends on level of experience), plus employee stock options
You'll enjoy flexible working hours. Work late, work early, it's up to you how to plan your week
You can work remotely from anywhere in the world during 1-2 months a year
You'll work remotely in comfort. We'll pay $400 per month towards a private or a shared office space (tax free)
You'll gain exposure to some of the world's top tech brands, and be the one to build relationships with them!
You will be a part of a smart and high performing team that makes sure to have fun as well as work hard
We organize regular team activities, as well as a weekly Friday sessions where we bond as a team and learn about topics like "mushroom growing", "work while living in a camper van" or "growing up behind the Iron Curtain", or play a fun game
You'll bond with the team in the annual team retreat. We've taken our entire team to both Hawaii and New Zealand in the past!
If any of the above resonates with you, we want to hear from you!

#J-18808-Ljbffr


Nominal Salary: To be agreed

Source: Allthetopbananas_Ppc

Job Function:

Requirements

Senior Solicitor

Senior Solicitor - Auckland, New Zealand - Talent Connection Job Title: Senior Solicitor Join Donnell Sherry, a trusted legal partner for individuals, famili...


Talent Connection - Auckland

Published a month ago

Specialist, Liability Claims

Make a difference as a Specialist, Liability Claims. Join the largest insurance group in Aotearoa New Zealand and Australia. About the Role We have an exc...


Iag - Auckland

Published a month ago

Legal Executive

Established in 2019, Apogee Legal has been embraced by the community and is growing fast to support the exciting opportunities being created in our region. T...


Apogee Legal - Auckland

Published a month ago

Senior Legal Advisor- 12 Month Fixed Term

Position Senior Legal Advisor - 12 Month Fixed Term Division The Johnson Group Job Type Contract Location Auckland Ref# MTH06291 Posted 21 October 2024 Close...


Alpha Personnel Recruitment Ltd - Auckland

Published a month ago

Built at: 2024-11-22T17:48:48.485Z