Compliance Lead, SOC2

United States, Remote

Very Good Security, Inc.

Posted 1 week ago

We’re looking for a SOC2 and PCI expert who can work with both internal and external customers to provide guidance on complying with SOC2 and PCI. The person in this role will be able to simplify and decompose data security compliance requirements into clear technical specifications and organizational processes and provide customers with a clear path to SOC2 or PCI Compliance using the VGS platform. 
As a member of our compliance team, you would own our technical SOC2 assessments and work closely with our customers as well as our product and engineering teams to ensure that our products fully address customer SOC2 compliance needs and enable our customers to accelerate their businesses. You would be responsible for project management for both internal and customer assessments and may assist with PCI assessments in an overflow capacity.
You would also engage with other auditors to complete customer audits and help us further develop auditor industry relationships and help create educational and marketing materials internally for our sales and engineering teams and externally for our customers. 

What you get to do every day for our customers:

  • Work closely with Customer Success delivery team(s) as needed for compliance-reliant customer projects
  • Provide input on compliance products and services during the sales process to help Account Executives close deals
  • Prepare customers for SOC2 audits with clear and technically sufficient documentation that can be referenced throughout the project life-cycle
  • Assist customers and internal team with documenting and maintaining their SOC2 compliance between audits
  • Interface with onsite auditors on behalf of customers utilizing the product, and project manage the customer intake and audit process
  • Advise customers on best practices re: policies, procedures and architecture
  • Enjoy ownership and responsibility for a fully compliant solution, working with customer resources and/or third parties
  • Flag risks and transparently communicate to other members of the project team or into the Very Good Security team to get ahead of potential future issues

What you get to do every day with our team:

  • Advise product and engineering teams on compliance of new products or features
  • Help develop technical specifications and an overarching product roadmap that enables our customers to achieve best-in-class security and be prepared to face upcoming compliance requirements
  • Recommend tooling and vendors to streamline compliance or compliance management
  • Draft internal and external educational material
  • Train staff on general SOC2 compliance principles relevant to their role
  • Contribute to ongoing improvement in compliance streams in customer-facing compliance delivery
  • Actively contribute to internal compliance practice

What you bring to the role:

  • Minimum 5 years' experience in the data security field, with a preference for emphasis on payment or privacy-related fields
  • A personal passion for compliance, staying current and understanding new trends and risks in the industry
  • 2+ years SOC2 compliance experience, either internally or working with clients or customers (PCI experience is considered a strong plus)
  • Semi-technical, security-focused background with an understanding of cloud platforms (esp. AWS)
  • Experience in delivery and project management, including understanding initial scope and seeing delivery through to completion within scope and on time
  • Experience developing and improving templates, estimation and reusable material for internal teams


  • Exceptional collaborator and communicator able to effectively prioritize and drive multiple important initiatives with short timelines 
  • Great communicator and comfortable working with Account Executives to promote VGS and its compliance services and products
  • Able to project manage and effectively prioritize and advance a large number of projects happening simultaneously, often on tight deadlines
  • Translate technical regulatory requirements into risk-based, actionable unit-tests for engineers
  • Very comfortable with in-person or virtual communication directly with customers and third parties

Benefits and Perks:

  • Competitive health benefits including medical, dental, & vision insurance
  • 401k plan with company match and immediate vesting
  • Flexible time off
  • Pre-tax commuter benefits
  • 12 company paid holidays
  • Annual employee retreat
At Very Good Security we value great talent. Striving to provide the best experience for our candidates, VGS appreciates your candidacy. We consider applicants without regard to race, color, national origin, sex, age, religion, sexual orientation, gender identity, veteran status, marital status, physical or mental disability, or other protected classes under all local, state, and federal laws and ordinances.
Job tags: AWS Compliance Customer success Project Management Security SOC2