Manager, Governance, Risk & Compliance

Remote

strongDM

Manage access to any server, database, or Kubernetes instance in minutes. Fully auditable, replayable, secure, and drag-and-drop easy.


strongDM is a customer-first, second, and third company with a rabid fan base. When was the last time you heard things like:

  • Splunk's CISO Joel Fulton says "strongDM gives you what you can’t get any other way -- the ability to see what happens, replay and analyze incidents."
  • Chef's co-founder Adam Jacob says "strongDM takes the friction out of getting staff access to the systems they need."

Customers love us because:

  • The product rocks: strongDM fundamentally changes the relationship between InfoSec, DevOps, and end users. Enforce the controls security needs while making it easier to facilitate access.
  • They can trust us: we built a technical product for technical buyers. We do not use jargon. There is no alternative but to always be technically accurate. We are not afraid to admit product gaps.
  • We’re real humans: we built a serious product without taking ourselves too seriously. Each member of the team is deadly good at their job, and yet we crack jokes on the phone with customers.

We have a vision…
…and we need the right people to help us execute. For strongDM to be successful we need our customers to trust that we have a solid foundation of policies, procedures, and controls in place to protect their data and keep our business running smoothly. We’re searching for the GRC leader that can bring their expertise from day 1, be willing to speak up when they see something that needs improvement, and grow a GRC team from .25 to 3.

What You'll Do:

  • Take ownership over strongDM’s GRC Programs within the context of the larger Information Security Program
  • Partner with the Director, Security & Compliance and Manager, Security Engineering & Operations to develop new controls as we implement FedRAMP and mature our environment 
  • Mentor the team on auditing, risk management, controls development, and good policy management
  • Partner with all corners of strongDM to document policies, standards, processes, and controls
  • Join with the Security Engineering & Operations team to develop a security training and testing program to keep strongDM employees and data safe
  • Work with teams across the company to identify gaps in controls and processes, and develop solutions that work for the business 
  • Look ahead to the changes we can make to meet not just today's compliance requirements, but next year’s as well

Requirements:

  • A history of leading individual contributors by giving them an intent and getting out of their way so they can do the job we hire them to do. If they need help with the doing, you lend a hand without taking over
  • You’ve analyzed more risks than you can count, collected mountains of evidence, and have written enough policies to fill an encyclopedia 
  • Have a “Yes, and…” attitude, be willing to own failure, and speak up when you see room for improvement 
  • Ability to partner with teammates at all levels from individual contributors to executives, and communicate in a way that 
  • Experience working at a high-growth startup with a culture of incredible customer support 
  • Experience with implementing or managing NIST 800-53 and FedRAMP-based control environments a plus

Compensation:

  • Competitive base + equity salary packages
  • Company sponsored benefits, including:
  • Medical, dental, and vision insurance (free to employees and dependents)
  • 401k, HSA, FSA, short / long-term disability coverage, life insurance
  • 4 weeks accrued PTO + sick days + volunteer days + standard holidays, paid parental leave
  • Stipend for internet and phone + home office budget
  • No travel required
Job region(s): Worldwide/Anywhere