Compliance Analyst

Details of the offer

Compliance Analyst II , Governance, Risk and Compliance (Product Readiness) Remote JR103599 About the team HashiCorp has a dedicated Compliance team who supports HashiCorp's compliance attestations and certification, as well as policy and governance. The compliance team plays a critical role in ensuring that the organization adheres to policies, requirements and contractual commitments. This team is responsible for implementing and maintaining compliance frameworks, supporting external audits, policy review and refresh, among many other key compliance activities. The Compliance team works closely in collaboration with many teams within HashiCorp, such as R&D, IT, and other Security members. What you'll do (responsibilities) We are looking for a GRC Compliance Analyst II to support compliance across HashiCorp product lines. This role involves being actively involved in the day-to-day activities of HashiCorp product lines to enable compliance by providing real-time evaluation of requirements, control scoping, and the ability to advise on remediation of gaps, if applicable, to ensure products meet compliance requirements. The ideal candidate will have experience collaborating with cross-functional teams to embed compliance controls into agile development and operations processes, providing continuous guidance and oversight throughout the product development process . We are looking for a self-motivated individual who thrives in a fast-paced environment, can seamlessly drive efforts across multiple projects, working with various stakeholders. Security at Hashicorp is a remote team. While prior experience working remotely isn't required, we are looking for team members who can perform well given a high level of independence and autonomy. Work closely with product development teams to incorporate security and compliance requirements into the product development lifecycle, ensuring that all products are built with compliance in mind from the ground up. Conduct real-time assessments of products and features during development, identifying potential compliance risks and providing actionable recommendations to address gaps. Define the scope of compliance controls and requirements for new and existing products, ensuring that all relevant aspects of the product are covered. Provide ongoing guidance to product teams on security controls and industry best practices, helping them navigate complex compliance landscapes. Leverage your technical expertise and deep understanding of the product to effectively collaborate with the rest of the GRC team, ensuring alignment and accuracy of understanding during audits. Lead internal and external audits related to product compliance, ensuring that all documentation and controls are in place and up to date. Collaborate with cross-functional teams, including product managers and engineers, to integrate security controls into development and operational processes. Help develop and deliver live training on security and compliance requirements and control owner responsibilities. Identify assets utilized in the services/products that impact compliance and ensure they are documented in the scope/boundaries of the compliance program including updates, removals and additions. Assisting with internal audits, control testing and external audits Work with Engineering teams to identify automation opportunities of manual tasks, such as continuous monitor of controls and audit evidence collection Support other GRC work as required What you'll need (basic qualifications) Minimum of 2-5 years of related professional compliance and controls program experience Previous experience in a cloud environment, preferably AWS and/or Azure Experience with modern development and operations patterns and practices, with a strong understanding of how to embed security controls into these processes. Advanced level knowledge either controls and control frameworks Comfortable working with both deeply technical and non-technical resources Flexible in daily hours (e.g. willingness to work longer hours during end of quarter ,peak periods, and audit) Highly responsive Ability to prioritize and track multiple projects and tasks in parallel Excellent communication and collaboration skills. Ability to work effectively with cross-functional teams and provide clear guidance on complex compliance issues. Deep understanding of common security compliance frameworks, attestations and certifications Understanding of infrastructure as code and related controls Previous experience at a technology or SaaS company in a similar role Existing experience with HashiCorp products Experience working with OSCAL Sponsorship If sponsorship is 100% not available, please include the language below in your job description. HashiCorp welcomes all qualified candidates who have authorization to work in the United States to apply - HashiCorp will not be sponsoring visas for this role at this time. #LI-Remote Individual pay within the range will be determined based on job related-factors such as skills, experience, and education or training. The base pay range for this role in the SF Bay Area / NYC area is: $157,300-$185,000 USD The base pay range for this role in Seattle Metro, Denver / Boulder Metro, New York (excluding NYC), Washington D.C., or California (excluding SF Bay Area) is: $144,200-$169,600 USD The base pay range for this role in Colorado (excluding Denver / Boulder Metro) and Washington (excluding Seattle Metro) is: $131,100-$154,200 USD


Nominal Salary: To be agreed

Source: Talent2_Ppc

Job Function:

Requirements

Sr. Director, Legal

Where A-Players Thrive. We're an employee-owned, vertically-integrated builder of some of America's most popular health & wellness brands. With over 1,400 te...


Goldencustomercare - California

Published 5 days ago

Junior Attorney (0-2 Years) - Insurance Defense

Direct Counsel, LLC is actively seeking a motivated Junior Attorney with 0-2 years of experience specializing in Insurance Defense. Law students newly admitt...


Direct Counsel, Llc - California

Published 5 days ago

Esg Climate And Decarbonization Staff Analyst

Company:Qualcomm IncorporatedJob Area:Legal Group, Legal Group > Government AffairsGeneral Summary: We believe that climate change is a serious environmental...


Qualcomm - California

Published 5 days ago

Senior Employment Attorney

A law firm in Los Angeles is actively seeking a Senior Employment Attorney with over 8 years of dedicated experience in employment law. The ideal candidate w...


Bcg Attorney Search - California

Published 5 days ago

Built at: 2024-11-16T13:28:15.877Z